Bibou Le Forum
Portail sur la sécurité
 
PortailAccueilRechercherS'enregistrerMembresGroupesConnexion

Partagez | 
 

 [Résolu]infection ou autre cause ?

Voir le sujet précédent Voir le sujet suivant Aller en bas 
Aller à la page : 1, 2, 3  Suivant
AuteurMessage
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: [Résolu]infection ou autre cause ?   Jeu 4 Fév 2010 - 19:10

Bonjour à tous !
Depuis une quinzaine de jours, mon PC rame, il ralentit beaucoup et de temps en temps l'image à l'écran devient "pâle" et les touches & la souris ne répondent plus pendant quelques secondes.
Ca revient après mais c'est quand même agaçant et une perte de temps permanente.

Je me demande s'il s'agit : d'une infection virale ? d'un encombrement du disque (trop chargé ?) d'un ralentissement de la connexion internet ?

Pouvez-vous m'aider à trouver la cause de mon problème ?

Merci.

PS : je fais régulièrement des nettoyages avec CCleaner et Maleware. J'ai Avira antivir personal comme antivirus.

Re PS : je crois que le problème a commencé après que j'ai fait une défragmentation. Un lien possible avec cette action ??
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Jeu 4 Fév 2010 - 19:43

Bonjour
peux tu réaliser ceci s'il te plait :
Etape, 1,2, et 5
http://www.bibou0007.com/aide-a-la-desinfection-f8/procedure-a-suivre-avant-de-poster-t2887.htm

et poste les différents rapports je les analyserai ensuite

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Jeu 4 Fév 2010 - 20:27

ok laddy, j'ai fait l'étape 1 pour le moment, comme les autres sont plus longues je les ferai ce soir à la fermeture de mon ordi.

J'ai déjà Maleware et HiJackthis sur mon bureau (suite à un autre problème que les Bibou helpers m'avaient résolu)
Donc je suppose que je n'ai pas besoin de re-télécharger Maleware, peux-tu me le confirmer ?

A bientôt et merci.
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Jeu 4 Fév 2010 - 20:58

Bonjour
bien sur si il est deja installé inutile de le retelecharger par contre assures toi qu il soit à jour

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 5 Fév 2010 - 9:45

Absente ce week end...

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 5 Fév 2010 - 23:06

OK Laddy bon week end.
Tu me répondras à ton retour, mais j'ai un problème avec RSIT : il ne veut pas faire ce que je lui demande, j'ai un message d'erreur : AutoIt Error - Line 1 - Error : subscript used with non-Array variable.
Je peux déjà envoyer le rapport Maleware et j'ai aussi fait un rapport hijackthis parce que j'avais déjà cela sur mon bureau.
Il manque Gmer mais comme c'est plus long je vais le faire plus tard.

Merci et profite bien de ton week end !
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 5 Fév 2010 - 23:07

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3690
Windows 6.0.6000
Internet Explorer 7.0.6000.16982

05/02/2010 06:59:46
mbam-log-2010-02-05 (06-59-46).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 263846
Temps écoulé: 1 hour(s), 26 minute(s), 3 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 5 Fév 2010 - 23:09

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:19, on 05/02/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\langiaux\Documents\Mes fichiers reçus\mp-f173113764244\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10122 bytes
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 12:56

Bonjour
le rapport de hijackthis seul ne m'apporte rien de probant.
Ormis faire une optimisation du démarrage de windows (alléger msconfig, désactivation de services inutiles), il ne rèvèle pas d'infections.

Il faut aller plus loin

Essaie ceci en faisant un clic droit sur l'executable et en choisissant Executer en mode administrateur.



  • Clique ici pour télécharger OTL (de Old Timer) sur ton bureau
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
  • Coche Lop Check et Purity check
  • Sous Custom Scans (en bas), copie/colle ceci

    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.*
    %PROGRAMFILES%\*.
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    /md5stop
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    CREATERESTOREPOINT

  • Clique sur le bouton Run Scan en haut à gauche puis patiente quelques instants.

    • A la fin du scan, deux rapports s'ouvriront (OTL.Txt et Extras.Txt). Copie/colle ici l'ensemble des rapports.

    PS : Les rapport sont aussi enregistrés sur le bureau

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 15:00

Laddy, je ne trouve pas les rapports !
A la fin du scan, mon ordi a redémarré, et je ne trouve pas les rapports sur mon bureau.
Quels devraient être leurs noms sur le Bureau ?
Où puis-je les récupérer ?

Sinon, je refais un scan ?

Merci
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 15:12

Tout est noté sur le texte donné plus haut.
Etrange que le PC ait rebooté... A mon avis OTL a planté si les rapports ne sont pas sur le bureau.

Essaie de le relancer en désactivant ton antivirus, fermer toutes les applications en cours y compris ton navigateur.

si il ne fonctionne toujours pas

essaie ceci qui était aussi demandé.

Télécharge Gmer. ([#006dff]Przemyslaw Gmerek[/#006dff])

  • Dézippe-le dans un dossier dédié ou sur ton Bureau.
  • Déconnecte toi d'Internet puis ferme tous les programmes.
  • Double-clique sur Gmer.exe.
    Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
  • Clique sur l'onglet Rootkit.
  • A droite, coche seulement Files, Services & Registry.
  • Clique maintenant sur Scan.
  • Lorsque le scan est terminé, clique sur Copy.
  • Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
  • Le rapport doit alors apparaître.
  • Enregistre le fichier sur ton Bureau et poste le contenu ici.

Bon dimanche

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 15:20

Merci Laddy, je réessaye.

J'avais bien vu pour Gmer mais je n'avais pas réussi à le faire, je peux réessayer si besoin.

Je refais déjà OTL sans antivirus.

A +.
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 15:48

OTL Extras logfile created on: 07/02/2010 14:33:23 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\langiaux\Documents\Mes fichiers reçus
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,40 Gb Total Space | 53,35 Gb Free Space | 51,11% Space Free | Partition Type: NTFS
Drive D: | 7,39 Gb Total Space | 2,21 Gb Free Space | 29,88% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MPFL
Current User Name: langiaux
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3B0C3EEE-80D3-4656-8C46-ECDCB79C59D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CBE58CB8-DE3E-44A9-A9BE-67924CABDD89}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C3536F-33BF-4144-8511-48445344A128}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{2C4DD452-5F27-4A44-9160-0815B6D777AA}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5E0A874A-125B-4300-BD90-4009A1AFCCAC}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{621687BB-BBF5-4EEA-97A6-C1CF0420F310}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A2ED1BB8-1A84-4D55-893D-0B6377FE571B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A71661A7-434D-48AE-842A-D8C8919B9A1D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B0A209F6-F402-4576-9EFC-8E302A10903B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BC1B5170-655E-4F98-8F03-9C4172275284}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BD458E3F-ADFA-46D7-8527-1F1B97C7893A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CF1A04C1-4F4E-4274-996E-C4C6B6AB6546}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E4B467EC-4B9C-482F-8066-A1EA358522C7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{E6F2D5A4-1AAB-4761-BD62-C7D56DBEABD3}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"TCP Query User{55442E0F-6425-437E-81FF-DA0BA2162F44}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C123EAB8-38F4-44C3-BA62-9B3CD1E96220}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0018040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Access 2000 Runtime
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{336A609A-6ECC-4E05-B320-CCC085BF7EA7}" = MSCU for Microsoft Vista
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{39523EA4-F914-4447-A551-2513766095F5}" = ESU for Microsoft Vista
"{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.2
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Photo et imagerie HP 2.0 - All-in-One Pilote
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84CC9583-C2D6-42E6-A373-6FDDDA6A8BA6}" = Garmin Communicator Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Photo et imagerie HP 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FCCC555E-166C-426A-A98C-39C80AE7C081}" = HP User Guides 0082
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Cuisine Delinia_is1" = Cuisine Delinia 3.1.12
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"HP PSC 1200 Series" = Photo et imagerie HP 2.0 - hp psc 1200 series
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"La Crapette, le Jardin, les Trains_is1" = La Crapette, le Jardin, les Trains
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Neuf_Kit" = Neuf - Kit de connexion
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Urgence Windows_is1" = Urgence Windows 10.02b
"VLC media player" = VideoLAN VLC media player 0.8.6i
"WinLiveSuite_Wave3" = Installation Windows Live
"zacbfdlaz" = Favorit
"ztgbfas" = Favorit

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SquareClock_Production_FLY" = Cuiclic

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/10/2008 07:55:47 | Computer Name = MPFL | Source = VSS | ID = 12293
Description =

Error - 29/10/2008 07:55:47 | Computer Name = MPFL | Source = System Restore | ID = 8193
Description =

Error - 29/10/2008 07:55:47 | Computer Name = MPFL | Source = System Restore | ID = 8210
Description =

Error - 12/11/2008 18:51:08 | Computer Name = MPFL | Source = System Restore | ID = 8193
Description =

Error - 12/11/2008 18:51:08 | Computer Name = MPFL | Source = System Restore | ID = 8210
Description =

Error - 13/11/2008 02:03:39 | Computer Name = MPFL | Source = MsiInstaller | ID = 11706
Description =

Error - 13/11/2008 02:03:43 | Computer Name = MPFL | Source = MsiInstaller | ID = 1024
Description =

Error - 16/11/2008 06:50:32 | Computer Name = MPFL | Source = Application Hang | ID = 1002
Description = Le programme msaccess.exe version 9.0.0.2719 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : 6e0 Heure de
début : 01c947d782037e98 Heure de fin : 43

Error - 29/11/2008 14:13:54 | Computer Name = MPFL | Source = MsiInstaller | ID = 11706
Description =

Error - 29/11/2008 14:13:58 | Computer Name = MPFL | Source = MsiInstaller | ID = 1024
Description =

[ Media Center Events ]
Error - 13/01/2010 19:29:26 | Computer Name = MPFL | Source = Media Center Guide | ID = 0
Description = ?

[ OSession Events ]
Error - 25/01/2009 18:18:44 | Computer Name = MPFL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 26316
seconds with 17460 seconds of active time. This session ended with a crash.

Error - 15/02/2009 13:32:48 | Computer Name = MPFL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 18553
seconds with 8400 seconds of active time. This session ended with a crash.

Error - 17/09/2009 03:55:13 | Computer Name = MPFL | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 1310
seconds with 660 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 07/02/2010 08:37:50 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:37:54 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:37:59 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:38:03 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:49:11 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:49:14 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:49:16 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:49:18 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 08:49:20 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Error - 07/02/2010 09:23:13 | Computer Name = MPFL | Source = disk | ID = 262151
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.


< End of report >
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 15:51

le raport OTL.Txt est trop gros ! est-ce que je peux le couper en 2 et l'envoyer en 2 fois ?
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 18:56

Oui ou utilises un site tel que cijoint.com

Mais je peux de suite te dire que ton disque dur a un sérieux problème :

Citation :
Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Je te donnerai plus d'info une fois que j'aura analysé tes rapports demain matin

Je serai toi sauvegarde de suite tous tes documents sur différents supports amovibles

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 20:52

OTL logfile created on: 07/02/2010 14:33:23 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\langiaux\Documents\Mes fichiers reçus
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,40 Gb Total Space | 53,35 Gb Free Space | 51,11% Space Free | Partition Type: NTFS
Drive D: | 7,39 Gb Total Space | 2,21 Gb Free Space | 29,88% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MPFL
Current User Name: langiaux
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/07 12:16:59 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL.exe
PRC - [2010/01/22 19:16:42 | 000,141,608 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009/03/09 05:19:17 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 16:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/01/26 21:56:52 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/08 15:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
PRC - [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/25 07:18:50 | 000,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2008/02/11 20:13:12 | 000,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/11 20:13:10 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/02/11 20:13:08 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/02/11 20:13:02 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2007/03/28 16:45:14 | 000,176,128 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hp\QuickPlay\QPService.exe
PRC - [2007/03/01 12:18:36 | 000,472,776 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2007/02/13 10:38:36 | 000,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2007/01/30 14:58:52 | 000,677,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2007/01/13 04:36:40 | 000,827,392 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/01/10 15:12:08 | 000,317,128 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/11/02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2005/08/19 14:14:28 | 000,021,504 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
PRC - [2004/06/09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\Windows\VM_STI.EXE
PRC - [2003/04/06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003/04/06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe


========== Modules (SafeList) ==========

MOD - [2010/02/07 12:16:59 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL.exe
MOD - [2008/11/27 05:35:51 | 001,744,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll
MOD - [2006/11/02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Planificateur LiveUpdate automatique)
SRV - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/08/05 21:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/21 10:01:00 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/01/29 15:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/10/29 01:21:51 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007/02/17 06:31:12 | 000,074,656 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007/02/12 08:36:58 | 000,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2007/01/09 13:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/11/02 13:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2004/10/22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/12/10 15:03:58 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/08/05 21:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/13 10:32:56 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/03/03 05:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007/12/30 18:13:12 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2007/07/10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 03:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 03:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 03:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/02/07 22:15:14 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Pilote de carte réseau Intel(R)
DRV - [2007/02/02 02:00:00 | 000,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/01/13 04:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/12/12 17:06:40 | 000,148,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2006/11/30 09:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/16 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/16 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/16 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 000,163,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e100b325.sys -- (E100B) Pilote de carte Intel (R)
DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/06/28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/19 15:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/02/26 15:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 22:06:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/03 16:16:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/03 16:16:25 | 000,000,000 | ---D | M]

[2010/02/06 21:45:36 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/01/17 09:40:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/23 19:24:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/03/26 10:07:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2010/01/17 09:40:32 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2010/01/17 09:40:32 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/08/24 20:52:00 | 000,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2009/03/09 05:19:09 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2007/10/11 14:17:50 | 001,435,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2010/01/17 09:40:43 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 19:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2009/12/21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010/02/03 16:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2010/01/17 09:40:46 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/17 09:40:46 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/17 09:40:46 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/01/17 09:40:46 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/12/17 11:22:40 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2010/01/17 09:40:46 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/17 09:40:46 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | -HS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BigDogPath] C:\Windows\VM_STI.EXE (BIGDOG)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Dim 7 Fév 2010 - 20:53

et la suite :
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG
O24 - Desktop BackupWallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/07 01:31:12 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{0ea0a963-8d4c-11de-ac7a-001b24509dcf}\Shell\AutoRun\command - "" = G:\SamsungSoftware\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/04 17:35:59 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msado15.dll
[2010/02/04 17:35:59 | 000,015,872 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSKFR.DLL
[2010/02/04 17:35:58 | 000,572,416 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\shdoclc.dll
[2010/02/04 17:35:58 | 000,119,568 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6fr.dll
[2010/02/04 17:35:58 | 000,101,888 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL
[2010/02/04 17:35:58 | 000,069,632 | --S- | C] (Accenture) -- C:\Windows\System32\Infobulle.ocx
[2010/02/04 17:35:58 | 000,057,344 | --S- | C] (JiangYuanDong) -- C:\Windows\System32\SaveJpeg.ocx
[2010/02/04 17:35:58 | 000,006,656 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\stdftfr.dll
[2010/02/04 17:35:14 | 001,355,776 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll
[2010/02/04 17:35:14 | 000,108,336 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSWINSCK.OCX
[2010/02/04 17:35:13 | 000,260,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSFLXGRD.OCX
[2010/02/04 17:35:13 | 000,115,016 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX
[2010/02/04 17:35:13 | 000,090,112 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msjro.dll
[2010/02/04 17:35:12 | 000,322,560 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPTR.DLL
[2010/02/04 17:35:12 | 000,311,296 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPT.DLL
[2010/02/04 17:35:12 | 000,275,216 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATGRD.OCX
[2010/02/04 17:35:12 | 000,187,712 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATREP.OCX
[2010/02/04 17:35:10 | 000,479,232 | --S- | C] (TB) -- C:\Windows\System32\CF2D_V2.ocx
[2010/02/04 17:35:10 | 000,141,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
[2010/02/04 17:35:10 | 000,131,856 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSADODC.OCX
[2010/02/04 17:35:10 | 000,078,848 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL
[2010/02/04 17:35:10 | 000,059,904 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL
[2010/02/04 17:35:09 | 000,015,360 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\INETFR.DLL
[2010/02/04 17:35:08 | 000,245,760 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\hxvz.dll
[2010/02/04 17:35:08 | 000,180,224 | --S- | C] (Intel Corporation) -- C:\Windows\System32\ijl11.dll
[2010/02/04 17:35:07 | 000,044,544 | --S- | C] (Hilgraeve, Inc.) -- C:\Windows\System32\hticons.dll
[2010/02/04 17:35:06 | 000,040,960 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\FLXGDFR.DLL
[2010/02/04 17:35:06 | 000,033,280 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBRPRFR.DLL
[2010/02/04 17:35:06 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLSTFR.DLL
[2010/02/04 17:35:06 | 000,028,672 | --S- | C] (Tradition Bois) -- C:\Windows\System32\ftdbcf.dll
[2010/02/04 17:35:05 | 000,525,352 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBGRID32.OCX
[2010/02/04 17:35:05 | 000,215,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLIST32.OCX
[2010/02/04 17:35:05 | 000,034,816 | --S- | C] (Apex Software Corporation) -- C:\Windows\System32\DBGRDFR.DLL
[2010/02/04 17:35:05 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATGDFR.DLL
[2010/02/04 17:35:05 | 000,021,504 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATRPFR.DLL
[2010/02/04 17:35:04 | 000,089,600 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCTLFR.DLL
[2010/02/04 17:35:04 | 000,032,768 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL
[2010/02/04 17:35:04 | 000,028,672 | --S- | C] (Microsoft Corporation ) -- C:\Windows\System32\CMCT3FR.DLL
[2010/02/04 17:35:04 | 000,020,992 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCT2FR.DLL
[2010/02/04 17:35:02 | 000,016,384 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\ADODCFR.DLL
[2010/02/04 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cuisine Astuce
[2010/02/03 16:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/02/03 16:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/02/03 16:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- C:\Workspaces
[2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- \Workspaces
[2010/01/22 07:24:18 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/22 07:24:16 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/22 07:24:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/22 07:24:16 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/22 07:24:15 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/22 07:24:15 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/22 07:24:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/22 07:24:15 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/22 07:24:14 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/22 07:24:14 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/22 07:24:14 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/22 07:24:14 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/22 07:24:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/22 07:24:14 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/22 07:24:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/22 07:24:13 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/22 07:24:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/22 07:24:11 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/22 07:24:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/22 07:24:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/14 00:24:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/01/14 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2010/01/13 07:11:25 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/13 07:11:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/13 07:11:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/13 07:11:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/13 07:11:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2009/12/08 19:26:47 | 000,218,546 | ---- | C] () -- \Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz
[2009/12/08 19:26:47 | 000,218,546 | ---- | C] () -- \Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz
[2009/02/16 10:27:06 | 2137,055,232 | -HS- | C] () --
[2009/02/16 10:27:06 | 2137,055,232 | -HS- | C] () --
[2008/09/24 15:10:00 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/09/05 18:46:37 | 000,000,268 | -H-- | C] () -- \sqmdata02.sqm
[2008/09/05 18:46:37 | 000,000,268 | -H-- | C] () -- \sqmdata02.sqm
[2008/09/05 18:46:37 | 000,000,244 | -H-- | C] () -- \sqmnoopt02.sqm
[2008/09/05 18:46:37 | 000,000,244 | -H-- | C] () -- \sqmnoopt02.sqm
[2008/09/04 22:33:10 | 000,000,268 | -H-- | C] () -- \sqmdata01.sqm
[2008/09/04 22:33:10 | 000,000,268 | -H-- | C] () -- \sqmdata01.sqm
[2008/09/04 22:33:10 | 000,000,244 | -H-- | C] () -- \sqmnoopt01.sqm
[2008/09/04 22:33:10 | 000,000,244 | -H-- | C] () -- \sqmnoopt01.sqm
[2008/05/27 20:30:15 | 000,003,122 | ---- | C] () -- \cleannavi.txt
[2008/05/27 20:30:15 | 000,003,122 | ---- | C] () -- \cleannavi.txt
[2008/05/26 10:42:07 | 000,002,730 | ---- | C] () -- \fixnavi.txt
[2008/05/26 10:42:07 | 000,002,730 | ---- | C] () -- \fixnavi.txt
[2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2008/01/08 19:33:03 | 000,235,884 | ---- | C] () -- \Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz
[2008/01/08 19:33:03 | 000,235,884 | ---- | C] () -- \Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz
[2008/01/08 19:33:03 | 000,002,032 | ---- | C] () -- \urgence.log
[2008/01/08 19:33:03 | 000,002,032 | ---- | C] () -- \urgence.log
[2007/07/21 20:49:45 | 2450,980,864 | -HS- | C] () --
[2007/07/21 20:49:45 | 2450,980,864 | -HS- | C] () --
[2007/05/07 01:53:46 | 000,000,268 | -H-- | C] () -- \sqmdata00.sqm
[2007/05/07 01:53:46 | 000,000,268 | -H-- | C] () -- \sqmdata00.sqm
[2007/05/07 01:53:46 | 000,000,244 | -H-- | C] () -- \sqmnoopt00.sqm
[2007/05/07 01:53:46 | 000,000,244 | -H-- | C] () -- \sqmnoopt00.sqm
[2007/05/07 01:22:40 | 000,000,511 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2006/11/02 13:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 13:37:35 | 000,030,808 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 13:37:35 | 000,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 13:37:35 | 000,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 13:37:35 | 000,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 11:23:09 | 000,000,074 | ---- | C] () -- \autoexec.bat
[2006/11/02 11:23:09 | 000,000,074 | ---- | C] () -- \autoexec.bat
[2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys
[2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys
[2005/11/25 06:10:18 | 000,438,840 | RHS- | C] () -- \bootmgr
[2005/11/25 06:10:18 | 000,438,840 | RHS- | C] () -- \bootmgr

========== Files - Modified Within 30 Days ==========

[2010/02/07 14:32:17 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/07 14:32:17 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/07 14:32:02 | 003,145,728 | -HS- | M] () -- C:\Users\langiaux\ntuser.dat
[2010/02/07 13:46:11 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job
[2010/02/07 12:41:02 | 000,798,068 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/07 12:41:02 | 000,797,960 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/02/07 12:41:02 | 000,295,790 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/07 12:41:02 | 000,284,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/07 12:41:02 | 000,042,226 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/02/07 12:39:56 | 000,000,295 | ---- | M] () -- C:\Windows\win.ini
[2010/02/07 12:32:42 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/02/07 12:31:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/07 12:31:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/07 12:31:21 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/05 22:33:58 | 000,002,397 | ---- | M] () -- C:\Users\Public\Desktop\IKEA Home Planner.lnk
[2010/02/04 17:35:59 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk
[2010/02/03 16:20:26 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/02/03 15:06:07 | 202,047,002 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/02/01 20:00:00 | 000,000,588 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - langiaux.job
[2010/01/31 14:23:05 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForlangiaux.job
[2010/01/19 08:10:56 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/14 11:12:06 | 000,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/14 00:19:29 | 002,555,904 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/01/14 00:19:29 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/01/14 00:19:29 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2010/01/13 08:32:27 | 000,354,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/08 23:48:40 | 000,000,399 | ---- | M] () -- C:\Windows\CARTES.INI

========== Files Created - No Company Name ==========

[2010/02/04 17:35:59 | 001,138,688 | --S- | C] () -- C:\Windows\System32\vkUserControlsXP.ocx
[2010/02/04 17:35:59 | 000,169,984 | ---- | C] () -- C:\Windows\System32\glut.dll
[2010/02/04 17:35:59 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk
[2010/02/04 17:35:58 | 000,551,120 | --S- | C] () -- C:\Windows\System32\VBOGL.TLB
[2010/02/04 17:35:58 | 000,000,005 | ---- | C] () -- C:\Windows\System32\samsc.ocx
[2010/02/04 17:35:06 | 000,221,184 | --S- | C] () -- C:\Windows\System32\glut32.dll
[2010/02/03 16:20:26 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/02/03 15:04:58 | 202,047,002 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/01/19 08:10:56 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/14 00:10:56 | 002,555,904 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/01/14 00:10:56 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/01/14 00:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2009/08/16 13:55:54 | 000,000,066 | ---- | C] () -- C:\Windows\QTW.INI
[2009/08/16 13:42:25 | 000,000,117 | ---- | C] () -- C:\Windows\QM.INI
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/05/25 11:42:43 | 000,000,785 | ---- | C] () -- C:\Windows\wininit.ini
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/10/29 22:19:55 | 000,000,399 | ---- | C] () -- C:\Windows\CARTES.INI
[2007/10/27 16:06:55 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/02/27 21:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/02/22 11:14:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll
[2006/12/13 22:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/13 22:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/10 01:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/05/08 05:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2001/01/15 10:40:04 | 000,016,896 | ---- | C] () -- C:\Windows\arrondi.dll
[1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/02/06 23:26:55 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/02/07 13:46:11 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2007/05/07 01:31:12 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 10:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2008/05/27 20:35:31 | 000,003,122 | ---- | M] () -- C:\cleannavi.txt
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009/02/23 16:02:26 | 000,002,730 | ---- | M] () -- C:\fixnavi.txt
[2010/02/07 12:31:21 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys
[2008/03/10 09:49:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/03/10 09:49:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/02/07 12:31:19 | 2450,980,864 | -HS- | M] () -- C:\pagefile.sys
[2008/01/08 19:33:03 | 000,235,884 | ---- | M] () -- C:\Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz
[2009/12/08 19:26:48 | 000,218,546 | ---- | M] () -- C:\Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz
[2007/05/07 01:53:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2008/09/04 22:33:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2008/09/05 18:46:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2007/05/07 01:53:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2008/09/04 22:33:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2008/09/05 18:46:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/12/08 18:32:19 | 000,002,032 | ---- | M] () -- C:\urgence.log

< %PROGRAMFILES%\*.* >
[2008/12/11 06:10:33 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %PROGRAMFILES%\*. >
[2007/05/07 01:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2009/03/23 19:11:11 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/02/14 10:14:20 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe(288)
[2008/07/20 15:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2008/09/26 19:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/06/30 18:53:26 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2009/09/23 19:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2008/03/29 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\CafeBible Gadget LSG
[2009/03/30 17:51:15 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2009/11/26 17:35:21 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/01/31 11:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/10/29 22:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\Crapette Jardin Trains
[2010/02/06 11:51:13 | 000,000,000 | ---D | M] -- C:\Program Files\Cuisine Astuce
[2009/06/16 18:54:19 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2007/05/07 01:25:06 | 000,000,000 | ---D | M] -- C:\Program Files\EasyBits
[2007/10/24 17:52:46 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2009/06/16 18:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin
[2009/06/16 18:54:26 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin GPS Plugin
[2009/01/26 21:56:50 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/02/03 22:25:18 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2009/11/08 22:45:29 | 000,000,000 | ---D | M] -- C:\Program Files\Hp
[2007/05/07 01:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2010/02/01 01:15:51 | 000,000,000 | ---D | M] -- C:\Program Files\IKEA HomePlanner
[2010/02/03 22:25:25 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/01/23 07:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/02/03 16:19:22 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/02/03 16:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/03/28 10:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/01/10 00:01:51 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/03 06:58:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/01/14 00:10:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ATS
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2008/07/13 16:00:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/01/20 20:19:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/06/03 06:53:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/06/03 06:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2009/10/16 22:41:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/07/13 15:59:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/07/20 15:27:11 | 000,000,000 | ---D | M] -- C:\Program Files\MioNet
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/02/07 13:45:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2007/10/29 01:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/05/07 01:30:32 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2009/02/24 20:44:04 | 000,000,000 | ---D | M] -- C:\Program Files\Navilog1
[2007/11/05 14:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Neuf
[2009/03/24 06:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2009/07/30 18:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2008/07/20 15:22:13 | 000,000,000 | ---D | M] -- C:\Program Files\Philips
[2009/08/16 13:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\quickmov
[2010/02/03 16:16:24 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/05/07 00:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2007/05/07 01:26:33 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2007/12/06 15:31:49 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2008/05/29 10:37:31 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/08/27 08:09:32 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2007/05/07 00:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/02/16 10:26:02 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro
[2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/12/08 20:16:56 | 000,000,000 | ---D | M] -- C:\Program Files\Urgence Windows
[2009/09/23 19:08:05 | 000,000,000 | ---D | M] -- C:\Program Files\Utilitaire de configuration iPhone
[2008/08/10 17:02:08 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2007/10/29 08:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2007/10/29 08:54:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/10/10 13:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/06/03 06:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/01/13 08:25:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/11/02 08:12:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2007/10/24 17:52:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2008/01/10 03:11:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/01/01 01:14:07 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\2020 Fusion
[2009/04/05 11:08:00 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Adobe
[2009/09/23 20:10:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Apple Computer
[2007/10/27 16:00:14 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\CyberLink
[2009/07/27 13:13:20 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\dvdcss
[2009/06/16 18:54:48 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GARMIN
[2007/10/28 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Google
[2008/12/16 23:01:04 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GTek
[2008/12/16 22:57:08 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Hewlett-Packard
[2007/10/27 15:59:56 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HP
[2009/11/15 22:56:15 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HpUpdate
[2007/10/24 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Identities
[2008/01/31 18:42:54 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\InstallShield
[2007/10/24 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Macromedia
[2008/05/29 19:47:13 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Malwarebytes
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Media Center Programs
[2009/06/26 12:13:24 | 000,000,000 | --SD | M] -- C:\Users\langiaux\AppData\Roaming\Microsoft
[2008/08/26 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Mozilla
[2007/11/07 13:39:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Roxio
[2007/12/30 15:59:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Sony Corporation
[2008/04/17 11:20:42 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Symantec
[2009/05/04 13:24:22 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\TeamViewer
[2009/01/26 12:41:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Template
[2008/08/10 19:01:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2007/08/26 19:55:02 | 000,229,240 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\CDStart.exe
[2007/08/26 19:55:10 | 002,551,672 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe
[2008/01/29 21:29:22 | 000,778,080 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Stub.exe
[2007/08/08 18:27:50 | 001,234,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH32\COH32.exe
[2007/08/08 18:42:44 | 001,985,584 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH64\COH64.exe
[2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe
[2007/08/26 18:18:56 | 000,128,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\NavShcom.exe
[2007/08/26 18:19:02 | 000,245,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navw32.exe
[2007/08/26 18:19:02 | 000,061,288 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navwnt.exe
[2007/08/24 20:52:12 | 000,370,032 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\COExport.exe
[2007/08/24 20:51:48 | 000,095,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\coVisPrx.exe
[2007/08/24 20:26:26 | 000,288,088 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\COL\COLUpdtr.exe
[2007/08/22 14:44:58 | 000,031,576 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\FWCfg.exe
[2007/07/30 15:54:34 | 000,071,056 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\sshelper.exe
[2007/08/24 21:53:52 | 000,121,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nisoptui.exe
[2007/08/24 21:53:26 | 000,276,336 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nmapapp.exe
[2007/08/24 21:53:28 | 000,714,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\osCheck.exe
[2007/08/24 02:49:18 | 000,423,304 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUAC.exe
[2007/08/24 02:49:20 | 000,439,688 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUIStb.exe
[2007/08/24 02:48:46 | 000,513,416 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SSAutoRN.exe
[2007/08/24 02:49:12 | 000,607,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SYMCUW.exe
[2007/08/20 22:13:30 | 000,509,320 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2\PIFSvc.exe
[2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SMNLnch.exe
[2007/08/22 19:28:42 | 002,344,312 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\IDS\IdsInst.exe
[2007/08/24 21:53:26 | 000,442,736 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SecHist\MCUI32.exe
[2007/08/22 00:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN\comHost.exe
[2007/08/22 00:22:08 | 000,267,096 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN64\comHost.exe
[2007/08/13 17:06:10 | 001,018,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SEVINST\Sevntx64.exe
[2007/08/24 22:07:24 | 000,051,048 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccApp.exe
[2007/08/24 22:07:24 | 000,056,168 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccEvtMgr.exe
[2007/08/24 22:07:00 | 000,268,648 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccLgView.exe
[2007/08/24 22:07:06 | 000,046,440 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSetMgr.exe
[2007/08/24 22:07:38 | 000,875,880 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSEUPDT.exe
[2007/08/24 22:07:08 | 000,149,864 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSvcHst.exe
[2007/08/23 13:35:14 | 000,152,952 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUNOTIF.EXE
[2007/08/23 13:35:32 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUSDSVC.EXE
[2007/08/23 13:35:14 | 000,308,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\AUPDATE.EXE
[2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LSETUP.EXE
[2007/08/23 13:35:18 | 000,869,752 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUALL.EXE
[2007/08/23 13:35:26 | 000,062,840 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCBPRXY.EXE
[2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCheck.exe
[2007/08/23 13:35:24 | 003,192,184 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCOMSVR.EXE
[2007/08/23 13:35:20 | 000,804,216 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LuConfig.EXE
[2007/08/23 13:35:22 | 000,016,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\NotifyHA.exe
[2005/05/19 13:50:36 | 002,584,848 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\MSI\wiupdate.exe
[2007/08/26 19:55:04 | 000,074,616 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\NISTools\ISRlRstr.exe
[2008/01/29 21:25:36 | 000,160,112 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Remover\Remover.exe
[2007/08/26 17:04:20 | 000,985,448 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\Reporter.exe
[2007/08/13 17:06:08 | 000,824,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SEVINST\Sevinst.exe
[2007/08/23 21:52:46 | 000,661,896 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe
[2007/08/26 17:04:18 | 000,687,976 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe
[2007/08/09 11:55:44 | 000,136,544 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP\SUPPSOFT\wificfg.exe
[2007/08/23 18:25:44 | 000,035,192 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\HSLoader.exe
[2007/08/23 18:25:48 | 000,036,728 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\isUAC.exe
[2007/08/23 18:25:52 | 000,042,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLULdr.exe
[2007/08/23 18:25:54 | 000,082,808 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLUStb.exe
[2007/08/23 18:26:06 | 000,081,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\uiStub2.exe
[2007/02/12 19:10:44 | 002,682,880 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist32.exe
[2007/02/12 19:10:44 | 003,161,088 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist64.exe


< MD5 for: AGP440.SYS >
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/01/19 05:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-02-05 06:13:23
< End of report >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-02-05 06:13:23

< End of report >
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 8 Fév 2010 - 8:58

Bonjour
as tu sauvegardé tes documents comme demandé ??? par sécurité avant de faire toutes manipulations.


1.Le ralentissement que tu as pu percevoir peut provenir de la mise à jour de vista que je vois en cours dans hijackthis le 5 février.

Code:
C:\Windows\system32\wuauclt.exe
Je n'ai apparemment pas vu d'infections pour le moment, je continue d'analyser ton rapport.

2.Dans le rapport je vois la présence de ce programme : Norton Internet Security, et je vois que tu utilises antivir comme antivirus.
On doit désactiver le service si tu ne l'utilises plus.

Code:
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
Est ce le cas ?
Si oui, je te donnerai la procédure dans ma prochaine réponse


3.Tu as la présence de deux toolbars :
Windows live toolbar
google toolbar
Elles ne sont pas obligatoires, et peuvent être aussi une des causes de ralentissements de ton navigateur.

Si tu ne les utilises pas, je te conseille de les désinstaller.

Clique sur le bouton démarrer
Rends toi dans le panneau de configuration, choisis programmes et fonctionnalités,
dans la liste
Rends toi vers google toolbar et clique sur le bouton désinstaller
puis
rends toi vers windows live toolbar et clique sur le bouton désinstaller.

Nous pourrons précéder à une optimisation de ton système si tu es d'accord, en allégeant ton démarrage vista.
Certains logiciels ne sont pas nécessaires au bon fonctionnement de ton PC et ils peuvent être désactivés.
Si tu es d'accord, je te donnerai la procédure dans ma prochaine réponse.

4.
Citation :
Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.

Le rapport indique que tu as un soucis de cluster au niveau de ton disque dur.

Pour résoudre ce cas, effectue ceci :

Citation :
CHKDSK est une commande qui vérifie le système d'enregistrement des fichiers sur le disque (le système de fichiers). La commande CHKDSK /R fait souvent des miracles car elle détecte et élimine les clusters défectueux après en avoir, si possible, déplacé les fichiers

Attention suivant la capacité du disque dur le scan peut être un peu long mais il est nécessaire. Une redémarrage peut être nécessaire.

CHDSK
Ouvrir le poste de travail / Clic droit sur le disque dur / Propriétés
Onglet matériel : clique sur "Verifier les erreurs"
Cocher les deux cases.

Ou

CHKDSK en ligne de commande
Démarrer/ Executer taper la commande cmd
Puis taper : chkdsk c: /f /r ou c: est le disque dur à vérifier

NOTE:
- la commande /f corrige automatiquement les erreurs rencontrées.
- la commande /r détecte les "bad sectors" (secteurs endommagés) du disque et récupère les informations qui y sont toujours lisibles.

Un redémarrage est en général nécessaire afin que chkdsk puisse s'exécuter correctement (en mode /f ou /r), donc redémarrez le pc et chkdsk s'exécutera automatiquement.
Lorsque la vérification est terminée, le PC redémarrera normalement sous Windows

Ensuite il me faudra le rapport, je suis navrée d'avance car je ne connais que peu vista et j'espère te donner la bonne information pour trouver l'observateur d'évenements.

Citation :
L’Observateur d’événements est un outil avancé qui affiche des informations détaillées sur les événements significatifs de votre ordinateur. Ces informations peuvent s’avérer utiles pour résoudre des erreurs et des problèmes affectant Windows et d’autres programmes.

Pour ouvrir l’Observateur d’événements, cliquez sur le bouton Démarrer du bouton Démarrer, sur Panneau de configuration, sur Système et maintenance, sur Outils d’administration, puis double-cliquez sur Observateur d’événements.‌ Autorisation de l’administrateur nécessaire Si vous êtes invité à fournir un mot de passe administrateur ou une confirmation, fournissez le mot de passe ou la confirmation.

Dans la partie Journal d'applications, cherche dans la liste, l'évènement winlogon , double clic pour l'ouvrir et clique sur le bouton du presse papier pour copier le contenu.

Colle ensuite dans ta prochaine réponse le contenu du rapport de chkdsk.

J'attends :
des réponses à mes interrogations (2,3)
La confirmation de la désinstallatio de toolbars si tu les utilises, si non pourquoi les utilises tu ?
le rapport chkdsk
le rapport gmer demandé plus haut.

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 8 Fév 2010 - 21:37

Oups Laddy merci beaucoup pour tout le mal que tu te donnes pour m'aider !
Alors d'abord les réponses :
(2) je ne sais pas pourquoi il y a encore une trace de Norton, en principe je l'avais désinstallé avant d'installer Avira.
(3) je ne sais pas pourquoi j'ai ces barres d'outils. Je supprime comme tu me l'indiques.

Je vais effectuer les rapports demandés.

J'ai bien recopié tous mes documents sur DD externe.

A bientot, encore merci.
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 8 Fév 2010 - 22:03

J'ai supprimé Google toolbar, mais je ne trouve pas Windows Live Toolbar dans la liste;
j'ai "outil de téléchargement Windows Live" et aussi "Windows Live foldershare".Je ne pense pas que ce soit ceux-là, mais bon dis-moi.

A part ça j'ai oublié de te dire que je suis d'accord pour que me "dépoussières" Vista.

Merci, je me lance dans la suite.
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mar 9 Fév 2010 - 0:09

Bonsoir
J'ai effectué le chkdsk, il a réparé des clusters.
Par contre, pas moyen d'accéder au rapport. J'ai réussi à aller jusqu'à l'observateur d'évènements puis aux journaux des applications, et à "winlogon", mais ensuite il n'y a pas grand chose : juste marqué Diagnostic (analyse - nombre d'évènements : 0 - taille 4 Ko) et
operational (opérationnel - nb d'évènements : 0 - taille 68 Ko).

Désolée mais je ne trouve pas ce rapport.

Je vais faire Gmer maintenant.

A plus tard.
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mar 9 Fév 2010 - 0:18

Erreur 08/02/2010 22:46:28 Diagnostics-Performance 100 Analyse des performances de démarrage
Avertissement 08/02/2010 22:46:20 Diagnostics-Performance 203 Analyse des performances d’arrêt

voilà le genre de choses que j'ai trouvées dans l'observateur d'évènements
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mar 9 Fév 2010 - 7:43

Ok ce n'est pas grave pour le rapport au moins tu as vu que le disque dur avait un soucis Very Happy



Il me faut un nouveau rapport de OTL,
Executes le en désactivant ta protection temporairement, clic droit et executer en tant qu'administrateur, clique sur le bouton quick scan.


J'attends :
Gmer
nouveau rapport OTL

Je ferai un script de nettoyage ensuite

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mar 9 Fév 2010 - 9:00

merci
Gmer je n'y arrive pas ! Il a tourné toute la nuit et ce matin ça ne bougeait plus...et pas de rapport !
Est-ce qu'il faut le laisser + longtemps ?
De plus, dans le tuto ils disent qu'il faut le "décompresser" je ne sais pas ce que ça veut dire.
Donc j'ai peut-être mal lancé le truc ??

Je te fais OTL.

Bonne journée.
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mar 9 Fév 2010 - 9:29

voici le nouveau rapport OTL :
OTL logfile created on: 09/02/2010 08:07:17 - Run 2
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\langiaux\Documents\Mes fichiers reçus
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104,40 Gb Total Space | 51,65 Gb Free Space | 49,47% Space Free | Partition Type: NTFS
Drive D: | 7,39 Gb Total Space | 2,21 Gb Free Space | 29,88% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MPFL
Current User Name: langiaux
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/09 08:05:57 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL(2).exe
PRC - [2010/01/22 19:16:42 | 000,141,608 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2010/01/17 09:40:39 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009/03/09 05:19:17 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 16:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/08 15:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
PRC - [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/25 07:18:50 | 000,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
PRC - [2008/02/11 20:13:12 | 000,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/11 20:13:10 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/02/11 20:13:08 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/02/11 20:13:02 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2007/05/20 20:45:14 | 000,417,792 | ---- | M] () -- C:\Windows\System32\ServoApp.exe
PRC - [2007/03/28 16:45:14 | 000,176,128 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hp\QuickPlay\QPService.exe
PRC - [2007/03/01 12:18:36 | 000,472,776 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2007/02/13 10:38:36 | 000,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2007/01/30 14:58:52 | 000,677,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2007/01/13 04:36:40 | 000,827,392 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/01/10 15:12:08 | 000,317,128 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/11/02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2004/06/09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\Windows\VM_STI.EXE
PRC - [2003/04/06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003/04/06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe


========== Modules (SafeList) ==========

MOD - [2010/02/09 08:05:57 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL(2).exe
MOD - [2006/11/02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Planificateur LiveUpdate automatique)
SRV - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/08/05 21:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/01/29 15:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/10/29 01:21:51 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007/02/17 06:31:12 | 000,074,656 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007/02/12 08:36:58 | 000,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2007/01/09 13:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/11/02 13:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2004/10/22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/12/10 15:03:58 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/08/05 21:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/13 10:32:56 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/03/03 05:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007/12/30 18:13:12 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2007/07/10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 03:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 03:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 03:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/05/06 21:44:16 | 000,034,944 | ---- | M] (None) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mfpec.sys -- (ALIWEHCD)
DRV - [2007/02/07 22:15:14 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Pilote de carte réseau Intel(R)
DRV - [2007/02/02 02:00:00 | 000,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/01/13 04:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/12/12 17:06:40 | 000,148,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2006/11/30 09:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/16 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/16 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/16 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:54 | 000,163,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e100b325.sys -- (E100B) Pilote de carte Intel (R)
DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/20 02:57:12 | 000,010,240 | ---- | M] (None) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfpvbus.sys -- (WUSBVBus)
DRV - [2006/06/28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/06/19 15:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/02/26 15:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/03 16:16:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/03 16:16:25 | 000,000,000 | ---D | M]

[2010/02/09 08:01:38 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2007/08/24 20:52:00 | 000,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2010/01/17 09:40:46 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/17 09:40:46 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/17 09:40:46 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/12/17 11:22:40 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2010/01/17 09:40:46 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/17 09:40:46 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | -HS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BigDogPath] C:\Windows\VM_STI.EXE (BIGDOG)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Server Application] C:\Windows\System32\ServoApp.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG
O24 - Desktop BackupWallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/07 01:31:12 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{0ea0a963-8d4c-11de-ac7a-001b24509dcf}\Shell\AutoRun\command - "" = G:\SamsungSoftware\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 12:18:47 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mar 9 Fév 2010 - 9:31

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010/02/08 22:51:52 | 000,000,000 | ---D | C] -- C:\perflogs
[2010/02/08 22:51:52 | 000,000,000 | ---D | C] -- \perflogs
[2010/02/07 16:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2010/02/07 16:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 6.0 Sprint
[2010/02/07 16:43:04 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK2.dll
[2010/02/07 16:43:04 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EpPicPrt.dll
[2010/02/07 16:43:04 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICEntry.dll
[2010/02/07 16:43:04 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK.dll
[2010/02/07 16:43:03 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EPPicMgr.dll
[2010/02/07 16:37:19 | 000,382,240 | ---- | C] (Edimax Technology collaboration., Ltd) -- C:\Windows\System32\UninstMFP.exe
[2010/02/07 16:37:16 | 000,034,944 | ---- | C] (None) -- C:\Windows\System32\drivers\mfpec.sys
[2010/02/07 16:37:16 | 000,010,880 | ---- | C] (None) -- C:\Windows\System32\drivers\mfpcomp.sys
[2010/02/07 16:37:16 | 000,010,240 | ---- | C] (None) -- C:\Windows\System32\drivers\mfpvbus.sys
[2010/02/07 16:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\MFP Server
[2010/02/07 16:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2010/02/07 16:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2010/02/07 16:31:32 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2010/02/07 16:31:23 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBEGE.DLL
[2010/02/07 16:31:19 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BEGE.DLL
[2010/02/07 16:25:22 | 000,071,680 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escwiad.dll
[2010/02/04 17:35:59 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msado15.dll
[2010/02/04 17:35:59 | 000,015,872 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSKFR.DLL
[2010/02/04 17:35:58 | 000,572,416 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\shdoclc.dll
[2010/02/04 17:35:58 | 000,119,568 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6fr.dll
[2010/02/04 17:35:58 | 000,101,888 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL
[2010/02/04 17:35:58 | 000,069,632 | --S- | C] (Accenture) -- C:\Windows\System32\Infobulle.ocx
[2010/02/04 17:35:58 | 000,057,344 | --S- | C] (JiangYuanDong) -- C:\Windows\System32\SaveJpeg.ocx
[2010/02/04 17:35:58 | 000,006,656 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\stdftfr.dll
[2010/02/04 17:35:14 | 001,355,776 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll
[2010/02/04 17:35:14 | 000,108,336 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSWINSCK.OCX
[2010/02/04 17:35:13 | 000,260,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSFLXGRD.OCX
[2010/02/04 17:35:13 | 000,115,016 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX
[2010/02/04 17:35:13 | 000,090,112 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msjro.dll
[2010/02/04 17:35:12 | 000,322,560 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPTR.DLL
[2010/02/04 17:35:12 | 000,311,296 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPT.DLL
[2010/02/04 17:35:12 | 000,275,216 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATGRD.OCX
[2010/02/04 17:35:12 | 000,187,712 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATREP.OCX
[2010/02/04 17:35:10 | 000,479,232 | --S- | C] (TB) -- C:\Windows\System32\CF2D_V2.ocx
[2010/02/04 17:35:10 | 000,141,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
[2010/02/04 17:35:10 | 000,131,856 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSADODC.OCX
[2010/02/04 17:35:10 | 000,078,848 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL
[2010/02/04 17:35:10 | 000,059,904 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL
[2010/02/04 17:35:09 | 000,015,360 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\INETFR.DLL
[2010/02/04 17:35:08 | 000,245,760 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\hxvz.dll
[2010/02/04 17:35:08 | 000,180,224 | --S- | C] (Intel Corporation) -- C:\Windows\System32\ijl11.dll
[2010/02/04 17:35:07 | 000,044,544 | --S- | C] (Hilgraeve, Inc.) -- C:\Windows\System32\hticons.dll
[2010/02/04 17:35:06 | 000,040,960 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\FLXGDFR.DLL
[2010/02/04 17:35:06 | 000,033,280 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBRPRFR.DLL
[2010/02/04 17:35:06 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLSTFR.DLL
[2010/02/04 17:35:06 | 000,028,672 | --S- | C] (Tradition Bois) -- C:\Windows\System32\ftdbcf.dll
[2010/02/04 17:35:05 | 000,525,352 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBGRID32.OCX
[2010/02/04 17:35:05 | 000,215,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLIST32.OCX
[2010/02/04 17:35:05 | 000,034,816 | --S- | C] (Apex Software Corporation) -- C:\Windows\System32\DBGRDFR.DLL
[2010/02/04 17:35:05 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATGDFR.DLL
[2010/02/04 17:35:05 | 000,021,504 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATRPFR.DLL
[2010/02/04 17:35:04 | 000,089,600 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCTLFR.DLL
[2010/02/04 17:35:04 | 000,032,768 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL
[2010/02/04 17:35:04 | 000,028,672 | --S- | C] (Microsoft Corporation ) -- C:\Windows\System32\CMCT3FR.DLL
[2010/02/04 17:35:04 | 000,020,992 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCT2FR.DLL
[2010/02/04 17:35:02 | 000,016,384 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\ADODCFR.DLL
[2010/02/04 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cuisine Astuce
[2010/02/03 16:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/02/03 16:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/02/03 16:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- C:\Workspaces
[2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- \Workspaces
[2010/01/22 07:24:18 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/01/22 07:24:16 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/01/22 07:24:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/22 07:24:16 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/22 07:24:15 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/22 07:24:15 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/01/22 07:24:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/01/22 07:24:15 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/01/22 07:24:14 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/22 07:24:14 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/22 07:24:14 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2010/01/22 07:24:14 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/22 07:24:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/01/22 07:24:14 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/22 07:24:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/22 07:24:13 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/22 07:24:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/22 07:24:11 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/22 07:24:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/01/22 07:24:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010/01/14 00:24:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/01/14 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2010/01/13 07:11:25 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/01/13 07:11:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/13 07:11:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/13 07:11:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/01/13 07:11:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll

========== Files - Modified Within 30 Days ==========

[2010/02/09 08:06:07 | 003,145,728 | -HS- | M] () -- C:\Users\langiaux\ntuser.dat
[2010/02/09 08:05:16 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job
[2010/02/09 07:51:36 | 000,950,720 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/02/09 07:51:35 | 000,844,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/09 07:51:35 | 000,328,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/09 07:51:35 | 000,095,006 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/02/09 07:51:34 | 000,342,192 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/09 07:44:51 | 000,000,295 | ---- | M] () -- C:\Windows\win.ini
[2010/02/09 07:44:29 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/02/09 07:44:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/09 07:44:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/09 07:43:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/09 07:43:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/09 07:43:12 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/08 20:22:26 | 183,799,418 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/02/07 16:56:02 | 000,002,065 | ---- | M] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk
[2010/02/07 16:42:51 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manuel.lnk
[2010/02/07 16:35:02 | 000,000,765 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2010/02/07 16:34:36 | 000,000,025 | ---- | M] () -- C:\Windows\CDE SX400DEFGIPSDaFiNoSv.ini
[2010/02/05 22:33:58 | 000,002,397 | ---- | M] () -- C:\Users\Public\Desktop\IKEA Home Planner.lnk
[2010/02/04 17:35:59 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk
[2010/02/03 16:20:26 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/02/01 20:00:00 | 000,000,588 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - langiaux.job
[2010/01/31 14:23:05 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForlangiaux.job
[2010/01/19 08:10:56 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/14 11:12:06 | 000,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/14 00:19:29 | 002,555,904 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/01/14 00:19:29 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/01/14 00:19:29 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2010/01/13 08:32:27 | 000,354,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2010/02/07 16:56:02 | 000,002,065 | ---- | C] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk
[2010/02/07 16:43:04 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/02/07 16:43:04 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/02/07 16:43:04 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/02/07 16:43:04 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/02/07 16:43:04 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/02/07 16:43:04 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/02/07 16:43:04 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/02/07 16:43:04 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/02/07 16:43:04 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010/02/07 16:43:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/02/07 16:43:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/02/07 16:43:04 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/02/07 16:43:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/02/07 16:43:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/02/07 16:43:04 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010/02/07 16:43:04 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010/02/07 16:43:04 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/02/07 16:43:04 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/02/07 16:43:03 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/02/07 16:43:03 | 000,013,732 | ---- | C] () -- C:\Windows\System32\EPPICLocal_EN.cfg
[2010/02/07 16:43:03 | 000,006,442 | ---- | C] () -- C:\Windows\System32\EPPICLocal_IT.cfg
[2010/02/07 16:43:03 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_PT.cfg
[2010/02/07 16:43:03 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_BP.cfg
[2010/02/07 16:43:03 | 000,006,335 | ---- | C] () -- C:\Windows\System32\EPPICLocal_GE.cfg
[2010/02/07 16:43:03 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_FR.cfg
[2010/02/07 16:43:03 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_CF.cfg
[2010/02/07 16:43:03 | 000,006,122 | ---- | C] () -- C:\Windows\System32\EPPICLocal_DU.cfg
[2010/02/07 16:43:03 | 000,006,103 | ---- | C] () -- C:\Windows\System32\EPPICLocal_ES.cfg
[2010/02/07 16:43:03 | 000,005,817 | ---- | C] () -- C:\Windows\System32\EPPICLocal_KO.cfg
[2010/02/07 16:43:03 | 000,005,436 | ---- | C] () -- C:\Windows\System32\EPPICLocal_SC.cfg
[2010/02/07 16:43:03 | 000,002,889 | ---- | C] () -- C:\Windows\System32\EPPICLocal_RU.cfg
[2010/02/07 16:43:03 | 000,002,426 | ---- | C] () -- C:\Windows\System32\EPPICLocal_TC.cfg
[2010/02/07 16:42:51 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manuel.lnk
[2010/02/07 16:37:19 | 000,008,133 | ---- | C] () -- C:\Windows\System32\MFPscript.ini
[2010/02/07 16:37:17 | 000,417,792 | ---- | C] () -- C:\Windows\System32\ServoApp.exe
[2010/02/07 16:37:16 | 000,200,704 | ---- | C] () -- C:\Windows\System32\mfpcoins.dll
[2010/02/07 16:37:16 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ddschk.dll
[2010/02/07 16:37:16 | 000,000,548 | ---- | C] () -- C:\Windows\System32\cliktext.ini
[2010/02/07 16:35:02 | 000,000,765 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2010/02/07 16:34:36 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX400DEFGIPSDaFiNoSv.ini
[2010/02/04 17:35:59 | 001,138,688 | --S- | C] () -- C:\Windows\System32\vkUserControlsXP.ocx
[2010/02/04 17:35:59 | 000,169,984 | ---- | C] () -- C:\Windows\System32\glut.dll
[2010/02/04 17:35:59 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk
[2010/02/04 17:35:58 | 000,551,120 | --S- | C] () -- C:\Windows\System32\VBOGL.TLB
[2010/02/04 17:35:58 | 000,000,005 | ---- | C] () -- C:\Windows\System32\samsc.ocx
[2010/02/04 17:35:06 | 000,221,184 | --S- | C] () -- C:\Windows\System32\glut32.dll
[2010/02/03 16:20:26 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/02/03 15:04:58 | 183,799,418 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/01/19 08:10:56 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/01/14 00:10:56 | 002,555,904 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2010/01/14 00:10:56 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2010/01/14 00:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2009/12/08 19:26:47 | 000,218,546 | ---- | C] () -- \Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz
[2009/08/16 13:55:54 | 000,000,066 | ---- | C] () -- C:\Windows\QTW.INI
[2009/08/16 13:42:25 | 000,000,117 | ---- | C] () -- C:\Windows\QM.INI
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/02/16 10:27:06 | 2137,055,232 | -HS- | C] () --
[2008/09/24 15:10:00 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/09/05 18:46:37 | 000,000,268 | -H-- | C] () -- \sqmdata02.sqm
[2008/09/05 18:46:37 | 000,000,244 | -H-- | C] () -- \sqmnoopt02.sqm
[2008/09/04 22:33:10 | 000,000,268 | -H-- | C] () -- \sqmdata01.sqm
[2008/09/04 22:33:10 | 000,000,244 | -H-- | C] () -- \sqmnoopt01.sqm
[2008/05/27 20:30:15 | 000,003,122 | ---- | C] () -- \cleannavi.txt
[2008/05/26 10:42:07 | 000,002,730 | ---- | C] () -- \fixnavi.txt
[2008/05/25 11:42:43 | 000,000,785 | ---- | C] () -- C:\Windows\wininit.ini
[2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/01/08 19:33:03 | 000,235,884 | ---- | C] () -- \Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz
[2008/01/08 19:33:03 | 000,002,032 | ---- | C] () -- \urgence.log
[2007/10/29 22:19:55 | 000,000,399 | ---- | C] () -- C:\Windows\CARTES.INI
[2007/10/27 16:06:55 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/07/21 20:49:45 | 2450,980,864 | -HS- | C] () --
[2007/05/07 01:53:46 | 000,000,268 | -H-- | C] () -- \sqmdata00.sqm
[2007/05/07 01:53:46 | 000,000,244 | -H-- | C] () -- \sqmnoopt00.sqm
[2007/05/07 01:22:40 | 000,000,511 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/02/27 21:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/02/22 11:14:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll
[2006/12/13 22:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/13 22:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006/11/02 11:23:09 | 000,000,074 | ---- | C] () -- \autoexec.bat
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys
[2006/03/10 01:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/25 06:10:18 | 000,438,840 | RHS- | C] () -- \bootmgr
[2005/05/08 05:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2001/01/15 10:40:04 | 000,016,896 | ---- | C] () -- C:\Windows\arrondi.dll
[1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/02/08 21:13:31 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/02/09 08:05:16 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job

========== Purity Check ==========



========== Custom Scans ==========


< # %SYSTEMDRIVE%\*.* >

< %PROGRAMFILES%\*.* >
[2008/12/11 06:10:33 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %PROGRAMFILES%\*. >
[2010/02/07 16:46:20 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 6.0 Sprint
[2007/05/07 01:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2009/03/23 19:11:11 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/02/14 10:14:20 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe(288)
[2008/07/20 15:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2008/09/26 19:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/06/30 18:53:26 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2009/09/23 19:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2008/03/29 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\CafeBible Gadget LSG
[2009/03/30 17:51:15 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2009/11/26 17:35:21 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/01/31 11:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/10/29 22:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\Crapette Jardin Trains
[2010/02/06 11:51:13 | 000,000,000 | ---D | M] -- C:\Program Files\Cuisine Astuce
[2009/06/16 18:54:19 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2007/05/07 01:25:06 | 000,000,000 | ---D | M] -- C:\Program Files\EasyBits
[2010/02/07 16:48:25 | 000,000,000 | ---D | M] -- C:\Program Files\epson
[2007/10/24 17:52:46 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2009/06/16 18:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin
[2009/06/16 18:54:26 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin GPS Plugin
[2010/02/08 20:57:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/02/03 22:25:18 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2009/11/08 22:45:29 | 000,000,000 | ---D | M] -- C:\Program Files\Hp
[2007/05/07 01:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ
[2010/02/01 01:15:51 | 000,000,000 | ---D | M] -- C:\Program Files\IKEA HomePlanner
[2010/02/07 16:58:49 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/01/23 07:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/02/03 16:19:22 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/02/03 16:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/03/28 10:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/01/10 00:01:51 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/07 16:37:19 | 000,000,000 | ---D | M] -- C:\Program Files\MFP Server
[2009/06/03 06:58:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2010/01/14 00:10:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ATS
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2008/07/13 16:00:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/01/20 20:19:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/06/03 06:53:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/06/03 06:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2009/10/16 22:41:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/07/13 15:59:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/07/20 15:27:11 | 000,000,000 | ---D | M] -- C:\Program Files\MioNet
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/02/09 07:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2007/10/29 01:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/05/07 01:30:32 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2009/02/24 20:44:04 | 000,000,000 | ---D | M] -- C:\Program Files\Navilog1
[2007/11/05 14:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Neuf
[2009/03/24 06:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\NOS
[2009/07/30 18:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2008/07/20 15:22:13 | 000,000,000 | ---D | M] -- C:\Program Files\Philips
[2009/08/16 13:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\quickmov
[2010/02/03 16:16:24 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2007/05/07 00:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2007/05/07 01:26:33 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2007/12/06 15:31:49 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2008/05/29 10:37:31 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/08/27 08:09:32 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2007/05/07 00:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/02/16 10:26:02 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro
[2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/12/08 20:16:56 | 000,000,000 | ---D | M] -- C:\Program Files\Urgence Windows
[2009/09/23 19:08:05 | 000,000,000 | ---D | M] -- C:\Program Files\Utilitaire de configuration iPhone
[2008/08/10 17:02:08 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2007/10/29 08:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2007/10/29 08:54:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/10/10 13:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/06/03 06:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/01/13 08:25:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2009/11/02 08:12:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2007/10/24 17:52:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2008/01/10 03:11:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/01/01 01:14:07 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\2020 Fusion
[2009/04/05 11:08:00 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Adobe
[2009/09/23 20:10:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Apple Computer
[2007/10/27 16:00:14 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\CyberLink
[2009/07/27 13:13:20 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\dvdcss
[2009/06/16 18:54:48 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GARMIN
[2007/10/28 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Google
[2008/12/16 23:01:04 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GTek
[2008/12/16 22:57:08 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Hewlett-Packard
[2007/10/27 15:59:56 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HP
[2009/11/15 22:56:15 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HpUpdate
[2007/10/24 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Identities
[2008/01/31 18:42:54 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\InstallShield
[2007/10/24 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Macromedia
[2008/05/29 19:47:13 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Malwarebytes
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Media Center Programs
[2009/06/26 12:13:24 | 000,000,000 | --SD | M] -- C:\Users\langiaux\AppData\Roaming\Microsoft
[2008/08/26 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Mozilla
[2007/11/07 13:39:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Roxio
[2007/12/30 15:59:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Sony Corporation
[2008/04/17 11:20:42 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Symantec
[2009/05/04 13:24:22 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\TeamViewer
[2009/01/26 12:41:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Template
[2008/08/10 19:01:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2007/08/26 19:55:02 | 000,229,240 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\CDStart.exe
[2007/08/26 19:55:10 | 002,551,672 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe
[2008/01/29 21:29:22 | 000,778,080 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Stub.exe
[2007/08/08 18:27:50 | 001,234,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH32\COH32.exe
[2007/08/08 18:42:44 | 001,985,584 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH64\COH64.exe
[2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe
[2007/08/26 18:18:56 | 000,128,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\NavShcom.exe
[2007/08/26 18:19:02 | 000,245,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navw32.exe
[2007/08/26 18:19:02 | 000,061,288 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navwnt.exe
[2007/08/24 20:52:12 | 000,370,032 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\COExport.exe
[2007/08/24 20:51:48 | 000,095,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\coVisPrx.exe
[2007/08/24 20:26:26 | 000,288,088 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\COL\COLUpdtr.exe
[2007/08/22 14:44:58 | 000,031,576 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\FWCfg.exe
[2007/07/30 15:54:34 | 000,071,056 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\sshelper.exe
[2007/08/24 21:53:52 | 000,121,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nisoptui.exe
[2007/08/24 21:53:26 | 000,276,336 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nmapapp.exe
[2007/08/24 21:53:28 | 000,714,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\osCheck.exe
[2007/08/24 02:49:18 | 000,423,304 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUAC.exe
[2007/08/24 02:49:20 | 000,439,688 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUIStb.exe
[2007/08/24 02:48:46 | 000,513,416 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SSAutoRN.exe
[2007/08/24 02:49:12 | 000,607,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SYMCUW.exe
[2007/08/20 22:13:30 | 000,509,320 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2\PIFSvc.exe
[2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SMNLnch.exe
[2007/08/22 19:28:42 | 002,344,312 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\IDS\IdsInst.exe
[2007/08/24 21:53:26 | 000,442,736 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SecHist\MCUI32.exe
[2007/08/22 00:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN\comHost.exe
[2007/08/22 00:22:08 | 000,267,096 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN64\comHost.exe
[2007/08/13 17:06:10 | 001,018,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SEVINST\Sevntx64.exe
[2007/08/24 22:07:24 | 000,051,048 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccApp.exe
[2007/08/24 22:07:24 | 000,056,168 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccEvtMgr.exe
[2007/08/24 22:07:00 | 000,268,648 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccLgView.exe
[2007/08/24 22:07:06 | 000,046,440 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSetMgr.exe
[2007/08/24 22:07:38 | 000,875,880 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSEUPDT.exe
[2007/08/24 22:07:08 | 000,149,864 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSvcHst.exe
[2007/08/23 13:35:14 | 000,152,952 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUNOTIF.EXE
[2007/08/23 13:35:32 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUSDSVC.EXE
[2007/08/23 13:35:14 | 000,308,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\AUPDATE.EXE
[2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LSETUP.EXE
[2007/08/23 13:35:18 | 000,869,752 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUALL.EXE
[2007/08/23 13:35:26 | 000,062,840 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCBPRXY.EXE
[2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCheck.exe
[2007/08/23 13:35:24 | 003,192,184 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCOMSVR.EXE
[2007/08/23 13:35:20 | 000,804,216 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LuConfig.EXE
[2007/08/23 13:35:22 | 000,016,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\NotifyHA.exe
[2005/05/19 13:50:36 | 002,584,848 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\MSI\wiupdate.exe
[2007/08/26 19:55:04 | 000,074,616 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\NISTools\ISRlRstr.exe
[2008/01/29 21:25:36 | 000,160,112 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Remover\Remover.exe
[2007/08/26 17:04:20 | 000,985,448 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\Reporter.exe
[2007/08/13 17:06:08 | 000,824,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SEVINST\Sevinst.exe
[2007/08/23 21:52:46 | 000,661,896 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe
[2007/08/26 17:04:18 | 000,687,976 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe
[2007/08/09 11:55:44 | 000,136,544 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP\SUPPSOFT\wificfg.exe
[2007/08/23 18:25:44 | 000,035,192 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\HSLoader.exe
[2007/08/23 18:25:48 | 000,036,728 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\isUAC.exe
[2007/08/23 18:25:52 | 000,042,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLULdr.exe
[2007/08/23 18:25:54 | 000,082,808 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLUStb.exe
[2007/08/23 18:26:06 | 000,081,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\uiStub2.exe
[2007/02/12 19:10:44 | 002,682,880 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist32.exe
[2007/02/12 19:10:44 | 003,161,088 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist64.exe


< MD5 for: AGP440.SYS >
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/01/19 05:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-02-09 06:51:02

< >
< End of report >
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mer 10 Fév 2010 - 7:34

Désolé de ma réponse tardive, il y a des travaux sur les lignes internet de mon quartier et je me retrouve sans le net

Je fais au plus vite

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mer 10 Fév 2010 - 9:00

Pas de souci Laddy, je t'attends;

Merci encore, bonne journée.
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mer 10 Fév 2010 - 10:44

Dans le panneau de configuration désinstalle via Programmes et fonctionnalités :

Apple Software Update
Bonjour


Désactive L'antivirus et antispyware....

OTM !





Citation :

:processes
explorer.exe

:files
C:\Program Files\Common Files\Symantec Shared
C:\Program Files\Bonjour
C:\Windows\MEMORY.DMP
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security

:services
Bonjour Service
Symantec RemoteAssist

::commands
[purity]
[emptytemp]
[start explorer]


  • Retourne dans OTM, fais un clique-droit dans la fenêtre "Paste instructions for items to move" et choisis Coller.
  • Clique sur le bouton rouge Moveit!.
  • Ferme OTM.

Note : Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir le processus. Si c'est le cas, choisis Yes.

Poste le rapport de OTM dispo ici : C:\_OTM\MovedFiles



Hijackthis

Hijackthis est mal placé sur ton PC, il faut qu'il soit bien installé pour créer un dossier de sauvegarde. (C:\Program files\Trend Micro\Hijackthis)

- Télécharge HiJackThis de Merijn sur ton bureau.

    - Double-clic sur HijackThis pour l'installer et l'exécuter une fenêtre va s'ouvrir
    - Génère un rapport en suivant ces indications :
    - Exécute le et clique sur Do a system scan only.


Coche les lignes suivantes :

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

Fermes toutes tes applications y compris ton navigateur internet, Clique sur le bouton fix checked .

Reposte moi un rapport hijackthis pour cela, retourne sur la page principale en cliquant sur le bouton main menu
, clique sur le 1er bouton Do a system scan and save a logfile.
Le bloc note va s'ouvrir, copie coller le contenu du rapport dans ta prochaine réponse.

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mer 10 Fév 2010 - 22:55

j'ai fait OTM mais j'ai du mal à trouver le rapport: est-ce que c'est celui-là ? (que j'ai trouvé en faisant "ordinateur" puis en choisissant "C" et OTM dans "rechercher") (et pourquoi j'ai encore Symantec là-dedans ? j'avais désinstallé Norton); je te l'envoie mais si ce n'est pas ça, dis-moi où le trouver.
Merci.
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Program Files\Common Files\Symantec Shared\Support Controls folder moved successfully.
C:\Program Files\Common Files\Symantec Shared\CCPD-LC folder moved successfully.
C:\Program Files\Common Files\Symantec Shared folder moved successfully.
File/Folder C:\Program Files\Bonjour not found.
C:\Windows\MEMORY.DMP moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SYMTHM folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SYMHTML folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SPManfst folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Manifest folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\frames folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\buttons folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP\SUPPSOFT folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet\Manifest folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet\Drivers folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\XP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\Vista folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\System32\Drivers folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\System32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE\SRTSP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE\Manifest folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\MANIFEST folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\LUpdate\LUMfests folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\LUpdate folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SEVINST folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\0c\01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\0c folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Remover folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan\0c\01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan\0c folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\NISTools folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\MSI folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\SYSTEM32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\SPMANI~1 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI\External\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI\External folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore\MANIFEST folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore\CFMan folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\AppCore\AppCore folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\AppCore folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\NPC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\frames folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\buttons folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet\SND_x64\Drivers folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet\SND_x64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\System32\Drivers folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\System32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE\Manifest folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\LUpdate\LUMfests folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\LUpdate folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SEVINST folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\ccCommon\ccCmn64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\ccCommon folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\VAData\Dict folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\VAData folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SPBBC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SecHist folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\Options folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\ncwHyPEX folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\MANIFEST folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\IDS folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CF\CFMan folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CF folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CCPD-LC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\HTEC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\Dist folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\CF folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\IDSDefs folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\MANIFEST folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\COL folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\Symantec\LUREGMAN folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\Symantec folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\InitDefs folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\drivers folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\VirusDef folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\VirusD64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32\COH64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32\COH32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec\NORTON\Tasks folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec\NORTON folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\MUI\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\MUI folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\SPBBC folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\MANIFEST folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\0c01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\COH64 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\COH32 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang\0c\01 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang\0c folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0 folder moved successfully.
C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security folder moved successfully.
========== SERVICES/DRIVERS ==========
Error: No service named Bonjour Service was found to stop!
Unable to stop service Bonjour Service!
Service Symantec RemoteAssist stopped successfully!
Service Symantec RemoteAssist deleted successfully!
Error: Unable to interpret <::commands> in the current context!
Error: Unable to interpret <[purity]> in the current context!
Error: Unable to interpret <[emptytemp]> in the current context!
Error: Unable to interpret <[start explorer]> in the current context!

OTM by OldTimer - Version 3.1.8.0 log created on 02102010_213603


Je vais faire HiJackthis maintenant.
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mer 10 Fév 2010 - 23:28

Bon voilà la suite !
Dans HiJack this, je n'ai pas trouvé toutes les lignes que tu m'avais dit de cocher :
1) pas de lignes commençant par IE ; il semble que les lignes correspondantes commencent par R1
2) pas de lignes commençant par O16

Dans le doute je n'ai pas coché celles commençant par R1 au lieu de IE (je suppose que tu vas me dire de le faire, mais j'avais peur de faire des bêtises scratch )

3) voici le rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:21:27, on 10/02/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\ServoApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6732 bytes
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Mer 10 Fév 2010 - 23:32

ah aussi je n'ai pas trouvé la ligne 03 HKCU\.\Toolbar\WebBrowser (&Windows Live Toolbar) (je ne recopie pas les chiffres...)
ni O4 HKLM\Run [] File not found

voilà, c'est tout pour ce soir...

dodo maintenant pour ma part !!

Sleep
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Jeu 11 Fév 2010 - 8:26

Bonjour

Ouvre hijackthis et coche les lignes suivantes :


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

Fermes toutes les applications y compris ton navigateur internet :
Clique sur le bouton fix checked

Via le panneau de configuration, programmes et fonctionnalités

Désinstalle si tu le trouves le programme Navilog1.
Si tu ne le trouves pas :

Supprime le dossier Navilog1 : C:\Program Files\Navilog1

Supprime également les fichiers : C:\cleannavi.txt et C:\fixnavilog.txt


ensuite je vais essayer un truc pour RSIT.

RSIT
Télécharge random's system information tool (RSIT) par random/random et sauvegarde le sur ton Bureau

    * Fais un clic droit sur RSIT.exe et rends toi dans l'onglet compatibilité, choisis Mode xp, valide.
    * Refais un clic droit sur RSIT.exe et execute le "En tant qu'administrateur"
    * Double-clic sur RSIT.exe pour l'exécuter.
    * Clique sur le bouton "Continue" sur la fenêtre d'avertissement.
    * Une fois le scan terminé, tu auras deux rapports qui seront ouverts : log.txt et info.txt (c:\rsit)
    * Poste les dans ta prochaine réponse

Note : un rapport hijackthis est contenu dans le rapport log.txt

Si tes rapports sont trop long utilise ce site : http://www.miraclesalad.com/webtools/clip.php
Copie/coller ton rapport et clique sur le lien IP ADRESSE copie coller ton IP dans la zone adéquate puis clique sur le bouton Paste to new clipboard
Donne le lien dans ta prochaine réponse.
Il est de type : http://www.miraclesalad.com/webtools/clip.php?clip=XXXX ou xxxx est un numéro.

Si ça ne fonctionne pas, refais un scan OTL en cliquant sur Quick Scan.

Comment va ton PC avec cette optimisation ?

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Jeu 11 Fév 2010 - 8:53

Bonjour
Je réponds d'abord à ta dernière question : mon PC va BEAUCOUP mieux depuis ce que tu m'as fait faire. Il est beaucoup + rapide à l'ouverture & à la fermeture, et aussi en service !

Donc déjà MERCI !

La suite pour ce soir...je n'ai guère de temps le matin.

2 questions toutefois :
1) tu me dis (à chaque téléchargement) : télécharge (tel programme) et sauvegarde-le sur ton bureau. C'est quoi "sauvegarder sur le bureau" ? je ne sais pas faire ça. Du coup j'ai toujours du mal à retrouver ce que j'ai téléchargé...
2) pourquoi est-ce que j'ai tous ces programmes inutiles qui me ralentissent ? c'est moi qui les ai mis ? d'où sortent-ils ?

Bonne journée Laddy !
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Jeu 11 Fév 2010 - 9:12

A ce soir, pas de problème, ma réponse suivant l'heure sera le lendemain Smile

1. Quand tu télécharges un programme, il est surement téléchargé dans un dossier dédié :
exemple : C:\Users\langiaux\Documents\Mes fichiers reçus\mp-f173113764244\HiJackThis.exe
Or lors de nos procédures nous demandons à ce que les outils soient mis sur ton bureau.
Dans tu te rends dans ton dossier de téléchargement, tu fais un clic droit sur l'outil puis tu choisis couper, tu te rends sur ton bureau et tu le colles clic droit coller.

2. Les services et programmes inutiles :
Certains sont livrés avec les PC de marque.
Lorsque tu installes un logiciel il est doté d'une certaine configuration, comme par exemple, regarder si une mise à jour est disponible automatiquement.
Or parfois il n'est pas nécessaire d'avoir des services toujours activés, il suffit de se tenir un peu ou courant.

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 12 Fév 2010 - 11:19

Bonjour Laddy
Voici le nouveau rapport HiJackThis après suppression des lignes R0 et R23 demandées.
(pas eu la force de le faire hier soir, j'ai un gros rhume et je suis crevée...heureusement je ne travaille pas aujourd'hui je peux me reposer ! reprise du boulot demain, mais aujourd'hui j'ai le temps de m'occuper de mon ordi).
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:40, on 12/02/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\ServoApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\langiaux\Documents\Mes fichiers reçus\mp-f173113764244\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5742 bytes
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 12 Fév 2010 - 11:23

Ah zut je crois que ce n'est pas tout à fait ça qu'il fallait faire : je viens de voir que le rapport HIJack serait compris dans le rapport RSIT.
Mais comme je ne suis pas très habile avec l'informatique, j'ai pris tes instructions une par une : j'ai commencé par les lignes à cocher dans Hijack, maintenant je vais supprimer Navilog dans Pg et Fct, et je vais ensuite passer à RSIT.

J'espère que cela ira quand même, désolée Embarassed
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 12 Fév 2010 - 11:27

Je n'ai pas navilog dans Programmes et fonctionnalités (je vais faire l'autre manip) par contre je trouve " Symantec Technical Support Web Controls" : je le laisse celui-là ??

Désolée pour mes questions sans fin...
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 12 Fév 2010 - 11:37

encore moi : j'ai supprimé navilog + cleannavi + fixnavilog, ils sont juste partis dans la corbeille : ça suffit ?
Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Ven 12 Fév 2010 - 11:54

problème avec RSIT : AutoIt Error : Line -1 : Error : Subscript used with non-Array variable.

que faire ???
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 10:23

Hmmm malheureusement je ne sais pas si je peux réparer cette erreur comme sous windows xp : http://www.commentcamarche.net/faq/25150-rsit-autoit-error


Pour finir :

Télécharge SecuScan de Laddy & Batch_Man sur ton bureau

Sous Windows Vista: Fais un clique droit dessus SecuScan.bat et clique sur Exécuter en tant qu'administrateur

Sous Windows XP: Double clique sur SecuScan.bat

Choisis l'option 1 puis attends, le programme va te demander d'appuyer sur une touche quand il aura fini, fais le un

rapport va s'ouvrir, poste-le.

S'il ne s'ouvre pas, il est placé dans ton disque dur ( C:\ normalement ) au nom de SecuScan.txt

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 12:03

hello Laddy

ça ne marche pas pour RSIT Sad

(c'est où "exécuter" sur Vista ?? je l'ai tapé dans "rechercher", ce n'est peut-être pas ça).


Je fais Seruscan , je te le poste.

Bonne journée.
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 12:05

Laisse pour Rsit
fais secuscan

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 12:11

SecuScan v.2.02 par Batch_Man & Laddy
Début a 11:08 le 15/02/2010
Système d'exploitation: Windows Vista (TM) Home Premium
langiaux : Compte administrateur
Processeur : Intel(R) Celeron(R) M CPU 520 @ 1.60GHz
Mode de boot: Normal
Lancé de C:\Users\langiaux\Desktop\SecuScan.bat
Choix 1 [SecuList]


+-----------[Versions programmes connus]

Java : 1.6.0_13
Acrobat Reader : 9.0
Mozilla Firefox : 3.5.7 (fr)
Internet Explorer : 7.0.6000.16982
Flash Player (IE) : 10,0,22,87
Windows Media Player : 11,0,6000,6353
Flash Player (Firefox) : 10.0.32.18
Shockwave Player (IE) : 1151601
ShockwavePlayer (Firefox) : 1151601


+-----------[Logiciels de securité]

Kaspersky Online Scanner
Avira AntiVir Personal - Free Antivirus
Symantec Technical Support Web Controls
Malwarebytes' Anti-Malware


+-----------[Logiciels de P2P]



+-----------[Modification du fichier Hosts]

Modifiée: ::1 localhost


+-----------[Pare-Feu Windows - ACTIVE]

[HKLM\SYSTEM\...\AuthorizedApplications\List]



+-----------[Centre de securité - ACTIVE]

Le système controle l'antivirus
Le système controle le firewall
Le système controle les mises a jour


+-----------[Autres]

Mises à jour automatiques activées
La restauration système est activée

Attention: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System,EnableLUA = 0x0 - UAC désactivé !!!

HKEY_LOCAL_MACHINE\..\Winlogon,Shell=explorer.exe
HKEY_LOCAL_MACHINE\..\Winlogon,Userinit=C:\Windows\system32\userinit.exe,

+-----------[Autres rapports]

[15/02/2010 11:09 - 1708] Choix 1 (SecuList) > C:\SecuScan\SecuScan-2.txt

+-----------[Fin a 11:09 le 15/02/2010]
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 12:25

Tu as deux programmes sujets aux failles de sécurité qui doivent être mis à jour.

La machine Java :

Mise à jour Machine JAVA
Ta version de Java est complètement obsolète et donc pleine de failles de sécurité qui peuvent être exploitées par les malwares.
Javara te permettra de faire la mise à jour et de supprimer les anciennes versions :

Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries.

    * Décompresse le fichier sur ton bureau (clic droit > Extraire tout)
    * Double-clique sur le répertoire JavaRa obtenu
    * Execute le fichier JavaRa.exe (le exe peut ne pas s'afficher) en faisant un clic droit puis choisir executer en tant qu'administrateur.
    * Choisis dans le menu déroulante : French
    * Clique sur Recherche de mise à jour s
    * Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher
    * Autorise le processus à se connecter s'il te le demande, clique sur Installer et suis les instructions d'installation. Cela prendra quelques minutes.
    * Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Effacer les anciennes versions
    * Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
    * Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
    Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log (c:\JavaRa.log)
    * Ferme l'application



-Acrobat Reader 9.3 :
Mets à jour ta version acrobat reader en allant sur cette page : http://get.adobe.com/fr/reader/
Une fois fait,
Dans Ajout/Suppression des programmes tu supprimes toutes les autres versions.



Note : La dernière version de firefox est : 3.6
tu peux mettre à jour si tu le désires.

Vérifie aussi que flashplayer est à jour, version actuelle : 10.0.45.2
Rends toi sur cette page : http://get.adobe.com/fr/flashplayer/
décoche la case McAfee® Security Scan Plus gratuit (en option)

Instruction installation : http://www.adobe.com/fr/products/reader/dlm/firefox_steps.html

Une installation manuelle pour le plugin est peut etre nécessaire.
Télécharger le fichier gp.xpi sur ton bureau.
Puis dans firefox : rends toi dans outils puis modules complementaires
Dans la fenêtre en bas à gauche, clique sur le bouton Installer ouvre gp.xpi
A la seconde fenêtre, clique sur oui, puis installer maintenant
Redemarre firefox, un fichier html veut être enregister sur ton bureau, libre à toi de le telecharger ou non (personnellement j'en ai pas besoin)
Une fenetre download manager d'adobe sera ouvert et te proposera de mettre à jour flash player.


Poste un nouveau rapport secuscan ensuite.

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 13:09

je ne peux pas télécharger Javara : erreur 403 forbidden

scratch
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 13:15


__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 13:36

Je suis un peu perdue !! désolée !
J'ai téléchargé JavaRa en suivant le lien, mais le clic droit ne me propose pas "extraire tout".
Je l'ai ouvert et j'ai 2 fenêtres :
1) MP-F ; AppData ; Local ; Temp; JavaRa.zip
avec dedans :
gpl-2.0.txt
Javara.def
Javara.exe

2) MP-F ;Documents ; JavaRa
avec dedans : les 3 mêmes choses.

J'ai fait une mauvaise manip ? que dois-je faire de tout cela ?

Par ailleurs j'ai aussi la fenêtre JavaRa 1.15 où j'ai coché "mettre à jour via jucheck.exe, mais quand je fais "rechercher" : rien ne se passe.

MERCI Laddy !!!!!!!!!!!
Revenir en haut Aller en bas
Laddy
Admin
Admin


Féminin
Nombre de messages : 7927
Age : 39
Localisation : suisse
Date d'inscription : 14/03/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 13:52

Utilise la méthode manuelle dans ce cas:
Pff vista a surement des choses non communes à xp comme l'extraction...

Il faut executer javaRa.exe avec les droits administrateur comme indiqué par un clic droit et autoriser le fichier ds le parefeu


rends toi sur cette page : http://www.java.com/fr/download/
télécharge la mise à jour en cliquant sur le bouton télécharger gratuit java.
fais l'installation...
Puis rends toi dans la panneau de configuration, programmes et fonctionnalités et désinstaller l'ancienne version de java 6 up 13

__________________________________________________________________________________________________________________
Me faire un don paypal pour mes outils OneClick2RP, Report_Antivir, Report_CHKDsk, RescueUSBClic ici
[Dons = 6] un immense Merci à tous 6 Very Happy





Revenir en haut Aller en bas
mariep17
mégabibou
mégabibou


Féminin
Nombre de messages : 269
Age : 61
Localisation : charente-maritime
Date d'inscription : 02/06/2008

MessageSujet: Re: [Résolu]infection ou autre cause ?   Lun 15 Fév 2010 - 13:55

pour le plugin : où je trouve gp.xpi ?
(je n'arrive pas à faire la MAJ de Adobe)
Revenir en haut Aller en bas
Contenu sponsorisé




MessageSujet: Re: [Résolu]infection ou autre cause ?   Aujourd'hui à 2:44

Revenir en haut Aller en bas
 
[Résolu]infection ou autre cause ?
Voir le sujet précédent Voir le sujet suivant Revenir en haut 
Page 1 sur 3Aller à la page : 1, 2, 3  Suivant
 Sujets similaires
-
» [Résolu]infection ou autre cause ?
» [Résolu] Infection TR/GENDAL.KDV Besoin d'aide
» [Résolu] infection trouvée par MBAM
» [Résolu] infection par Searchqu.exe
» [Résolu] infection?

Permission de ce forum:Vous ne pouvez pas répondre aux sujets dans ce forum
Bibou le forum :: 
La sécurité
 :: Aide à la désinfection :: Sujets résolus ou anciens
-
Sauter vers: