|
Bibou Le Forum Portail sur la sécurité |
| | [Résolu]infection ou autre cause ? | |
| | |
Auteur | Message |
---|
mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: [Résolu]infection ou autre cause ? Jeu 4 Fév 2010 - 18:10 | |
| Bonjour à tous ! Depuis une quinzaine de jours, mon PC rame, il ralentit beaucoup et de temps en temps l'image à l'écran devient "pâle" et les touches & la souris ne répondent plus pendant quelques secondes. Ca revient après mais c'est quand même agaçant et une perte de temps permanente.
Je me demande s'il s'agit : d'une infection virale ? d'un encombrement du disque (trop chargé ?) d'un ralentissement de la connexion internet ?
Pouvez-vous m'aider à trouver la cause de mon problème ?
Merci.
PS : je fais régulièrement des nettoyages avec CCleaner et Maleware. J'ai Avira antivir personal comme antivirus.
Re PS : je crois que le problème a commencé après que j'ai fait une défragmentation. Un lien possible avec cette action ?? | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Jeu 4 Fév 2010 - 18:43 | |
| Bonjour peux tu réaliser ceci s'il te plait : Etape, 1,2, et 5 http://www.bibou0007.com/aide-a-la-desinfection-f8/procedure-a-suivre-avant-de-poster-t2887.htm
et poste les différents rapports je les analyserai ensuite | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Jeu 4 Fév 2010 - 19:27 | |
| ok laddy, j'ai fait l'étape 1 pour le moment, comme les autres sont plus longues je les ferai ce soir à la fermeture de mon ordi.
J'ai déjà Maleware et HiJackthis sur mon bureau (suite à un autre problème que les Bibou helpers m'avaient résolu) Donc je suppose que je n'ai pas besoin de re-télécharger Maleware, peux-tu me le confirmer ?
A bientôt et merci. | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Jeu 4 Fév 2010 - 19:58 | |
| Bonjour bien sur si il est deja installé inutile de le retelecharger par contre assures toi qu il soit à jour | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 5 Fév 2010 - 8:45 | |
| | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 5 Fév 2010 - 22:06 | |
| OK Laddy bon week end. Tu me répondras à ton retour, mais j'ai un problème avec RSIT : il ne veut pas faire ce que je lui demande, j'ai un message d'erreur : AutoIt Error - Line 1 - Error : subscript used with non-Array variable. Je peux déjà envoyer le rapport Maleware et j'ai aussi fait un rapport hijackthis parce que j'avais déjà cela sur mon bureau. Il manque Gmer mais comme c'est plus long je vais le faire plus tard.
Merci et profite bien de ton week end ! | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 5 Fév 2010 - 22:07 | |
| Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3690 Windows 6.0.6000 Internet Explorer 7.0.6000.16982
05/02/2010 06:59:46 mbam-log-2010-02-05 (06-59-46).txt
Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 263846 Temps écoulé: 1 hour(s), 26 minute(s), 3 second(s)
Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté) | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 5 Fév 2010 - 22:09 | |
| Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:56:19, on 05/02/2010 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16982) Boot mode: Normal
Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hp\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Windows\VM_STI.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\langiaux\Documents\Mes fichiers reçus\mp-f173113764244\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
-- End of file - 10122 bytes | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 11:56 | |
| Bonjour le rapport de hijackthis seul ne m'apporte rien de probant. Ormis faire une optimisation du démarrage de windows (alléger msconfig, désactivation de services inutiles), il ne rèvèle pas d'infections. Il faut aller plus loin Essaie ceci en faisant un clic droit sur l'executable et en choisissant Executer en mode administrateur.
- Clique ici pour télécharger OTL (de Old Timer) sur ton bureau
- Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
- Coche Lop Check et Purity check
- Sous Custom Scans (en bas), copie/colle ceci
%SYSTEMDRIVE%\*.* %PROGRAMFILES%\*.* %PROGRAMFILES%\*. %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s netsvcs msconfig safebootminimal safebootnetwork activex drivers32 /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys /md5stop HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs CREATERESTOREPOINT
- Clique sur le bouton Run Scan en haut à gauche puis patiente quelques instants.
- A la fin du scan, deux rapports s'ouvriront (OTL.Txt et Extras.Txt). Copie/colle ici l'ensemble des rapports.
PS : Les rapport sont aussi enregistrés sur le bureau | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 14:00 | |
| Laddy, je ne trouve pas les rapports ! A la fin du scan, mon ordi a redémarré, et je ne trouve pas les rapports sur mon bureau. Quels devraient être leurs noms sur le Bureau ? Où puis-je les récupérer ? Sinon, je refais un scan ? Merci | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 14:12 | |
| Tout est noté sur le texte donné plus haut. Etrange que le PC ait rebooté... A mon avis OTL a planté si les rapports ne sont pas sur le bureau. Essaie de le relancer en désactivant ton antivirus, fermer toutes les applications en cours y compris ton navigateur. si il ne fonctionne toujours pas essaie ceci qui était aussi demandé. Télécharge Gmer. ([#006dff] Przemyslaw Gmerek[/#006dff])
- Dézippe-le dans un dossier dédié ou sur ton Bureau.
- Déconnecte toi d'Internet puis ferme tous les programmes.
- Double-clique sur Gmer.exe.
Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
- Clique sur l'onglet Rootkit.
- A droite, coche seulement Files, Services & Registry.
- Clique maintenant sur Scan.
- Lorsque le scan est terminé, clique sur Copy.
- Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
- Le rapport doit alors apparaître.
- Enregistre le fichier sur ton Bureau et poste le contenu ici.
Bon dimanche | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 14:20 | |
| Merci Laddy, je réessaye.
J'avais bien vu pour Gmer mais je n'avais pas réussi à le faire, je peux réessayer si besoin.
Je refais déjà OTL sans antivirus.
A +. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 14:48 | |
| OTL Extras logfile created on: 07/02/2010 14:33:23 - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\langiaux\Documents\Mes fichiers reçus Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 104,40 Gb Total Space | 53,35 Gb Free Space | 51,11% Space Free | Partition Type: NTFS Drive D: | 7,39 Gb Total Space | 2,21 Gb Free Space | 29,88% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MPFL Current User Name: langiaux Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" %* txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" File not found Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 "InternetSettingsDisableNotify" = 1 "AutoUpdateDisableNotify" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3B0C3EEE-80D3-4656-8C46-ECDCB79C59D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{CBE58CB8-DE3E-44A9-A9BE-67924CABDD89}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{21C3536F-33BF-4144-8511-48445344A128}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{2C4DD452-5F27-4A44-9160-0815B6D777AA}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{5E0A874A-125B-4300-BD90-4009A1AFCCAC}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{621687BB-BBF5-4EEA-97A6-C1CF0420F310}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{A2ED1BB8-1A84-4D55-893D-0B6377FE571B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A71661A7-434D-48AE-842A-D8C8919B9A1D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{B0A209F6-F402-4576-9EFC-8E302A10903B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BC1B5170-655E-4F98-8F03-9C4172275284}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BD458E3F-ADFA-46D7-8527-1F1B97C7893A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{CF1A04C1-4F4E-4274-996E-C4C6B6AB6546}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{E4B467EC-4B9C-482F-8066-A1EA358522C7}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{E6F2D5A4-1AAB-4761-BD62-C7D56DBEABD3}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "TCP Query User{55442E0F-6425-437E-81FF-DA0BA2162F44}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{C123EAB8-38F4-44C3-BA62-9B3CD1E96220}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0018040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Access 2000 Runtime "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0 "{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID "{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13 "{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support "{336A609A-6ECC-4E05-B320-CCC085BF7EA7}" = MSCU for Microsoft Vista "{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1 "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module "{39523EA4-F914-4447-A551-2513766095F5}" = ESU for Microsoft Vista "{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0 "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.2 "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = Photo et imagerie HP 2.0 - All-in-One Pilote "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{84CC9583-C2D6-42E6-A373-6FDDDA6A8BA6}" = Garmin Communicator Plugin "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9028040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional avec FrontPage "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9867A917-5D17-40DE-83BA-BEA5293194B1}" = Photo et imagerie HP 2.0 - All-in-One "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1 "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3 - Français "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4 "{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner "{B376402D-58EA-45EA-BD50-DD924EB67A70}" = Disque de souvenirs HP "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9 "{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar "{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone "{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components "{FCCC555E-166C-426A-A98C-39C80AE7C081}" = HP User Guides 0082 "45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner (remove only) "CNXT_HDAUDIO" = Conexant HD Audio "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP "Cuisine Delinia_is1" = Cuisine Delinia 3.1.12 "HDMI" = Intel(R) Graphics Media Accelerator Driver "HijackThis" = HijackThis 2.0.2 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Photosmart Essential" = HP Photosmart Essential 2.0 "HP PSC 1200 Series" = Photo et imagerie HP 2.0 - hp psc 1200 series "Kaspersky Online Scanner" = Kaspersky Online Scanner "La Crapette, le Jardin, les Trains_is1" = La Crapette, le Jardin, les Trains "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7) "Neuf_Kit" = Neuf - Kit de connexion "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SynTPDeinstKey" = Synaptics Pointing Device Driver "Urgence Windows_is1" = Urgence Windows 10.02b "VLC media player" = VideoLAN VLC media player 0.8.6i "WinLiveSuite_Wave3" = Installation Windows Live "zacbfdlaz" = Favorit "ztgbfas" = Favorit ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SquareClock_Production_FLY" = Cuiclic ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 29/10/2008 07:55:47 | Computer Name = MPFL | Source = VSS | ID = 12293 Description = Error - 29/10/2008 07:55:47 | Computer Name = MPFL | Source = System Restore | ID = 8193 Description = Error - 29/10/2008 07:55:47 | Computer Name = MPFL | Source = System Restore | ID = 8210 Description = Error - 12/11/2008 18:51:08 | Computer Name = MPFL | Source = System Restore | ID = 8193 Description = Error - 12/11/2008 18:51:08 | Computer Name = MPFL | Source = System Restore | ID = 8210 Description = Error - 13/11/2008 02:03:39 | Computer Name = MPFL | Source = MsiInstaller | ID = 11706 Description = Error - 13/11/2008 02:03:43 | Computer Name = MPFL | Source = MsiInstaller | ID = 1024 Description = Error - 16/11/2008 06:50:32 | Computer Name = MPFL | Source = Application Hang | ID = 1002 Description = Le programme msaccess.exe version 9.0.0.2719 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 6e0 Heure de début : 01c947d782037e98 Heure de fin : 43 Error - 29/11/2008 14:13:54 | Computer Name = MPFL | Source = MsiInstaller | ID = 11706 Description = Error - 29/11/2008 14:13:58 | Computer Name = MPFL | Source = MsiInstaller | ID = 1024 Description = [ Media Center Events ] Error - 13/01/2010 19:29:26 | Computer Name = MPFL | Source = Media Center Guide | ID = 0 Description = ? [ OSession Events ] Error - 25/01/2009 18:18:44 | Computer Name = MPFL | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 26316 seconds with 17460 seconds of active time. This session ended with a crash. Error - 15/02/2009 13:32:48 | Computer Name = MPFL | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 18553 seconds with 8400 seconds of active time. This session ended with a crash. Error - 17/09/2009 03:55:13 | Computer Name = MPFL | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 1310 seconds with 660 seconds of active time. This session ended with a crash. [ System Events ] Error - 07/02/2010 08:37:50 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:37:54 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:37:59 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:38:03 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:49:11 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:49:14 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:49:16 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:49:18 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 08:49:20 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. Error - 07/02/2010 09:23:13 | Computer Name = MPFL | Source = disk | ID = 262151 Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux. < End of report > | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 14:51 | |
| le raport OTL.Txt est trop gros ! est-ce que je peux le couper en 2 et l'envoyer en 2 fois ? | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 17:56 | |
| Oui ou utilises un site tel que cijoint.com Mais je peux de suite te dire que ton disque dur a un sérieux problème : - Citation :
- Description = Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Je te donnerai plus d'info une fois que j'aura analysé tes rapports demain matin Je serai toi sauvegarde de suite tous tes documents sur différents supports amovibles | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 19:52 | |
| OTL logfile created on: 07/02/2010 14:33:23 - Run 1 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\langiaux\Documents\Mes fichiers reçus Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 104,40 Gb Total Space | 53,35 Gb Free Space | 51,11% Space Free | Partition Type: NTFS Drive D: | 7,39 Gb Total Space | 2,21 Gb Free Space | 29,88% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MPFL Current User Name: langiaux Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/02/07 12:16:59 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL.exe PRC - [2010/01/22 19:16:42 | 000,141,608 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe PRC - [2009/03/09 05:19:17 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009/02/06 16:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2009/01/26 21:56:52 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008/12/08 15:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\hpwuschd2.exe PRC - [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/10/25 07:18:50 | 000,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE PRC - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe PRC - [2008/02/11 20:13:12 | 000,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe PRC - [2008/02/11 20:13:10 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe PRC - [2008/02/11 20:13:08 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe PRC - [2008/02/11 20:13:02 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe PRC - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe PRC - [2007/03/28 16:45:14 | 000,176,128 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hp\QuickPlay\QPService.exe PRC - [2007/03/01 12:18:36 | 000,472,776 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe PRC - [2007/02/13 10:38:36 | 000,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe PRC - [2007/01/30 14:58:52 | 000,677,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2007/01/13 04:36:40 | 000,827,392 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007/01/10 15:12:08 | 000,317,128 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe PRC - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006/11/02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2005/08/19 14:14:28 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe PRC - [2004/06/09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\Windows\VM_STI.EXE PRC - [2003/04/06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe PRC - [2003/04/06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe ========== Modules (SafeList) ========== MOD - [2010/02/07 12:16:59 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL.exe MOD - [2008/11/27 05:35:51 | 001,744,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll MOD - [2006/11/02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (Planificateur LiveUpdate automatique) SRV - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009/08/05 21:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/04/21 10:01:00 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc) SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service) SRV - [2008/01/29 15:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist) SRV - [2007/10/29 01:21:51 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService) SRV - [2007/02/17 06:31:12 | 000,074,656 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2007/02/12 08:36:58 | 000,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9) SRV - [2007/01/09 13:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) SRV - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2006/11/02 13:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex) SRV - [2004/10/22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - [2009/12/10 15:03:58 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009/08/05 21:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009/07/13 10:32:56 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/03/03 05:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) DRV - [2007/12/30 18:13:12 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS) DRV - [2007/07/10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007/06/20 03:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2007/06/20 03:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2007/06/20 03:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2007/02/07 22:15:14 | 001,786,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Pilote de carte réseau Intel(R) DRV - [2007/02/02 02:00:00 | 000,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2007/01/13 04:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV) DRV - [2006/12/12 17:06:40 | 000,148,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService) DRV - [2006/11/30 09:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2006/11/16 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2006/11/16 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/11/16 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:54 | 000,163,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e100b325.sys -- (E100B) Pilote de carte Intel (R) DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006/11/02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006/06/28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2006/06/19 15:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2005/02/26 15:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 22:06:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/03 16:16:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/03 16:16:25 | 000,000,000 | ---D | M] [2010/02/06 21:45:36 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010/01/17 09:40:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009/03/23 19:24:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009/03/26 10:07:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2010/01/17 09:40:32 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2010/01/17 09:40:32 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2007/08/24 20:52:00 | 000,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll [2009/03/09 05:19:09 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2007/10/11 14:17:50 | 001,435,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2010/01/17 09:40:43 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006/10/26 19:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2009/12/21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2010/02/03 16:16:24 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010/02/03 16:16:25 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010/01/17 09:40:46 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/01/17 09:40:46 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/17 09:40:46 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/01/17 09:40:46 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009/12/17 11:22:40 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/01/17 09:40:46 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/17 09:40:46 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | -HS- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BigDogPath] C:\Windows\VM_STI.EXE (BIGDOG) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.) O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation) O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.) | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Dim 7 Fév 2010 - 19:53 | |
| et la suite : O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG O24 - Desktop BackupWallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/05/07 01:31:12 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O33 - MountPoints2\{0ea0a963-8d4c-11de-ac7a-001b24509dcf}\Shell\AutoRun\command - "" = G:\SamsungSoftware\APPInst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/02/04 17:35:59 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msado15.dll [2010/02/04 17:35:59 | 000,015,872 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSKFR.DLL [2010/02/04 17:35:58 | 000,572,416 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\shdoclc.dll [2010/02/04 17:35:58 | 000,119,568 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6fr.dll [2010/02/04 17:35:58 | 000,101,888 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL [2010/02/04 17:35:58 | 000,069,632 | --S- | C] (Accenture) -- C:\Windows\System32\Infobulle.ocx [2010/02/04 17:35:58 | 000,057,344 | --S- | C] (JiangYuanDong) -- C:\Windows\System32\SaveJpeg.ocx [2010/02/04 17:35:58 | 000,006,656 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\stdftfr.dll [2010/02/04 17:35:14 | 001,355,776 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll [2010/02/04 17:35:14 | 000,108,336 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSWINSCK.OCX [2010/02/04 17:35:13 | 000,260,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSFLXGRD.OCX [2010/02/04 17:35:13 | 000,115,016 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX [2010/02/04 17:35:13 | 000,090,112 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msjro.dll [2010/02/04 17:35:12 | 000,322,560 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPTR.DLL [2010/02/04 17:35:12 | 000,311,296 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPT.DLL [2010/02/04 17:35:12 | 000,275,216 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATGRD.OCX [2010/02/04 17:35:12 | 000,187,712 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATREP.OCX [2010/02/04 17:35:10 | 000,479,232 | --S- | C] (TB) -- C:\Windows\System32\CF2D_V2.ocx [2010/02/04 17:35:10 | 000,141,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL [2010/02/04 17:35:10 | 000,131,856 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSADODC.OCX [2010/02/04 17:35:10 | 000,078,848 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL [2010/02/04 17:35:10 | 000,059,904 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL [2010/02/04 17:35:09 | 000,015,360 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\INETFR.DLL [2010/02/04 17:35:08 | 000,245,760 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\hxvz.dll [2010/02/04 17:35:08 | 000,180,224 | --S- | C] (Intel Corporation) -- C:\Windows\System32\ijl11.dll [2010/02/04 17:35:07 | 000,044,544 | --S- | C] (Hilgraeve, Inc.) -- C:\Windows\System32\hticons.dll [2010/02/04 17:35:06 | 000,040,960 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\FLXGDFR.DLL [2010/02/04 17:35:06 | 000,033,280 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBRPRFR.DLL [2010/02/04 17:35:06 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLSTFR.DLL [2010/02/04 17:35:06 | 000,028,672 | --S- | C] (Tradition Bois) -- C:\Windows\System32\ftdbcf.dll [2010/02/04 17:35:05 | 000,525,352 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBGRID32.OCX [2010/02/04 17:35:05 | 000,215,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLIST32.OCX [2010/02/04 17:35:05 | 000,034,816 | --S- | C] (Apex Software Corporation) -- C:\Windows\System32\DBGRDFR.DLL [2010/02/04 17:35:05 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATGDFR.DLL [2010/02/04 17:35:05 | 000,021,504 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATRPFR.DLL [2010/02/04 17:35:04 | 000,089,600 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCTLFR.DLL [2010/02/04 17:35:04 | 000,032,768 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL [2010/02/04 17:35:04 | 000,028,672 | --S- | C] (Microsoft Corporation ) -- C:\Windows\System32\CMCT3FR.DLL [2010/02/04 17:35:04 | 000,020,992 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCT2FR.DLL [2010/02/04 17:35:02 | 000,016,384 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\ADODCFR.DLL [2010/02/04 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cuisine Astuce [2010/02/03 16:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/02/03 16:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/02/03 16:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- C:\Workspaces [2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- \Workspaces [2010/01/22 07:24:18 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/01/22 07:24:16 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/01/22 07:24:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/01/22 07:24:16 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010/01/22 07:24:15 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/01/22 07:24:15 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010/01/22 07:24:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010/01/22 07:24:15 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010/01/22 07:24:14 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/01/22 07:24:14 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/01/22 07:24:14 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll [2010/01/22 07:24:14 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2010/01/22 07:24:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010/01/22 07:24:14 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/01/22 07:24:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/01/22 07:24:13 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/01/22 07:24:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/01/22 07:24:11 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/01/22 07:24:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010/01/22 07:24:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2010/01/14 00:24:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2010/01/14 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS [2010/01/13 07:11:25 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/01/13 07:11:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010/01/13 07:11:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/01/13 07:11:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/01/13 07:11:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll [2009/12/08 19:26:47 | 000,218,546 | ---- | C] () -- \Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz [2009/12/08 19:26:47 | 000,218,546 | ---- | C] () -- \Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz [2009/02/16 10:27:06 | 2137,055,232 | -HS- | C] () -- [2009/02/16 10:27:06 | 2137,055,232 | -HS- | C] () -- [2008/09/24 15:10:00 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2008/09/05 18:46:37 | 000,000,268 | -H-- | C] () -- \sqmdata02.sqm [2008/09/05 18:46:37 | 000,000,268 | -H-- | C] () -- \sqmdata02.sqm [2008/09/05 18:46:37 | 000,000,244 | -H-- | C] () -- \sqmnoopt02.sqm [2008/09/05 18:46:37 | 000,000,244 | -H-- | C] () -- \sqmnoopt02.sqm [2008/09/04 22:33:10 | 000,000,268 | -H-- | C] () -- \sqmdata01.sqm [2008/09/04 22:33:10 | 000,000,268 | -H-- | C] () -- \sqmdata01.sqm [2008/09/04 22:33:10 | 000,000,244 | -H-- | C] () -- \sqmnoopt01.sqm [2008/09/04 22:33:10 | 000,000,244 | -H-- | C] () -- \sqmnoopt01.sqm [2008/05/27 20:30:15 | 000,003,122 | ---- | C] () -- \cleannavi.txt [2008/05/27 20:30:15 | 000,003,122 | ---- | C] () -- \cleannavi.txt [2008/05/26 10:42:07 | 000,002,730 | ---- | C] () -- \fixnavi.txt [2008/05/26 10:42:07 | 000,002,730 | ---- | C] () -- \fixnavi.txt [2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \IO.SYS [2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \IO.SYS [2008/01/08 19:33:03 | 000,235,884 | ---- | C] () -- \Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz [2008/01/08 19:33:03 | 000,235,884 | ---- | C] () -- \Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz [2008/01/08 19:33:03 | 000,002,032 | ---- | C] () -- \urgence.log [2008/01/08 19:33:03 | 000,002,032 | ---- | C] () -- \urgence.log [2007/07/21 20:49:45 | 2450,980,864 | -HS- | C] () -- [2007/07/21 20:49:45 | 2450,980,864 | -HS- | C] () -- [2007/05/07 01:53:46 | 000,000,268 | -H-- | C] () -- \sqmdata00.sqm [2007/05/07 01:53:46 | 000,000,268 | -H-- | C] () -- \sqmdata00.sqm [2007/05/07 01:53:46 | 000,000,244 | -H-- | C] () -- \sqmnoopt00.sqm [2007/05/07 01:53:46 | 000,000,244 | -H-- | C] () -- \sqmnoopt00.sqm [2007/05/07 01:22:40 | 000,000,511 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2006/11/02 13:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006/11/02 13:37:35 | 000,030,808 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont [2006/11/02 13:37:35 | 000,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2006/11/02 13:37:35 | 000,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2006/11/02 13:37:35 | 000,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2006/11/02 11:23:09 | 000,000,074 | ---- | C] () -- \autoexec.bat [2006/11/02 11:23:09 | 000,000,074 | ---- | C] () -- \autoexec.bat [2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys [2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys [2005/11/25 06:10:18 | 000,438,840 | RHS- | C] () -- \bootmgr [2005/11/25 06:10:18 | 000,438,840 | RHS- | C] () -- \bootmgr ========== Files - Modified Within 30 Days ========== [2010/02/07 14:32:17 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/02/07 14:32:17 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/02/07 14:32:02 | 003,145,728 | -HS- | M] () -- C:\Users\langiaux\ntuser.dat [2010/02/07 13:46:11 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job [2010/02/07 12:41:02 | 000,798,068 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/02/07 12:41:02 | 000,797,960 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/02/07 12:41:02 | 000,295,790 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/02/07 12:41:02 | 000,284,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/02/07 12:41:02 | 000,042,226 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/02/07 12:39:56 | 000,000,295 | ---- | M] () -- C:\Windows\win.ini [2010/02/07 12:32:42 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2010/02/07 12:31:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/02/07 12:31:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/02/07 12:31:21 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys [2010/02/05 22:33:58 | 000,002,397 | ---- | M] () -- C:\Users\Public\Desktop\IKEA Home Planner.lnk [2010/02/04 17:35:59 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk [2010/02/03 16:20:26 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/02/03 15:06:07 | 202,047,002 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/02/01 20:00:00 | 000,000,588 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - langiaux.job [2010/01/31 14:23:05 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForlangiaux.job [2010/01/19 08:10:56 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/01/14 11:12:06 | 000,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010/01/14 00:19:29 | 002,555,904 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl [2010/01/14 00:19:29 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf [2010/01/14 00:19:29 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx [2010/01/13 08:32:27 | 000,354,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/01/08 23:48:40 | 000,000,399 | ---- | M] () -- C:\Windows\CARTES.INI ========== Files Created - No Company Name ========== [2010/02/04 17:35:59 | 001,138,688 | --S- | C] () -- C:\Windows\System32\vkUserControlsXP.ocx [2010/02/04 17:35:59 | 000,169,984 | ---- | C] () -- C:\Windows\System32\glut.dll [2010/02/04 17:35:59 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk [2010/02/04 17:35:58 | 000,551,120 | --S- | C] () -- C:\Windows\System32\VBOGL.TLB [2010/02/04 17:35:58 | 000,000,005 | ---- | C] () -- C:\Windows\System32\samsc.ocx [2010/02/04 17:35:06 | 000,221,184 | --S- | C] () -- C:\Windows\System32\glut32.dll [2010/02/03 16:20:26 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/02/03 15:04:58 | 202,047,002 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/01/19 08:10:56 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/01/14 00:10:56 | 002,555,904 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl [2010/01/14 00:10:56 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf [2010/01/14 00:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx [2009/08/16 13:55:54 | 000,000,066 | ---- | C] () -- C:\Windows\QTW.INI [2009/08/16 13:42:25 | 000,000,117 | ---- | C] () -- C:\Windows\QM.INI [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2008/05/25 11:42:43 | 000,000,785 | ---- | C] () -- C:\Windows\wininit.ini [2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll [2007/10/29 22:19:55 | 000,000,399 | ---- | C] () -- C:\Windows\CARTES.INI [2007/10/27 16:06:55 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2007/02/27 21:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2007/02/22 11:14:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll [2006/12/13 22:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/12/13 22:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/03/10 01:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2005/05/08 05:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2001/01/15 10:40:04 | 000,016,896 | ---- | C] () -- C:\Windows\arrondi.dll [1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL ========== LOP Check ========== [2010/02/06 23:26:55 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/02/07 13:46:11 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2007/05/07 01:31:12 | 000,000,074 | ---- | M] () -- C:\autoexec.bat [2006/11/02 10:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr [2008/05/27 20:35:31 | 000,003,122 | ---- | M] () -- C:\cleannavi.txt [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2009/02/23 16:02:26 | 000,002,730 | ---- | M] () -- C:\fixnavi.txt [2010/02/07 12:31:21 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys [2008/03/10 09:49:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2008/03/10 09:49:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010/02/07 12:31:19 | 2450,980,864 | -HS- | M] () -- C:\pagefile.sys [2008/01/08 19:33:03 | 000,235,884 | ---- | M] () -- C:\Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz [2009/12/08 19:26:48 | 000,218,546 | ---- | M] () -- C:\Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz [2007/05/07 01:53:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2008/09/04 22:33:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm [2008/09/05 18:46:37 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm [2007/05/07 01:53:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2008/09/04 22:33:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm [2008/09/05 18:46:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm [2009/12/08 18:32:19 | 000,002,032 | ---- | M] () -- C:\urgence.log < %PROGRAMFILES%\*.* > [2008/12/11 06:10:33 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini < %PROGRAMFILES%\*. > [2007/05/07 01:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites [2009/03/23 19:11:11 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2008/02/14 10:14:20 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe(288) [2008/07/20 15:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead [2008/09/26 19:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2009/06/30 18:53:26 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2009/09/23 19:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour [2008/03/29 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\CafeBible Gadget LSG [2009/03/30 17:51:15 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2009/11/26 17:35:21 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2010/01/31 11:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT [2007/10/29 22:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\Crapette Jardin Trains [2010/02/06 11:51:13 | 000,000,000 | ---D | M] -- C:\Program Files\Cuisine Astuce [2009/06/16 18:54:19 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX [2007/05/07 01:25:06 | 000,000,000 | ---D | M] -- C:\Program Files\EasyBits [2007/10/24 17:52:46 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs [2009/06/16 18:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin [2009/06/16 18:54:26 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin GPS Plugin [2009/01/26 21:56:50 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2010/02/03 22:25:18 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard [2009/11/08 22:45:29 | 000,000,000 | ---D | M] -- C:\Program Files\Hp [2007/05/07 01:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ [2010/02/01 01:15:51 | 000,000,000 | ---D | M] -- C:\Program Files\IKEA HomePlanner [2010/02/03 22:25:25 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2010/01/23 07:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2010/02/03 16:19:22 | 000,000,000 | ---D | M] -- C:\Program Files\iPod [2010/02/03 16:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes [2009/03/28 10:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2010/01/10 00:01:51 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/06/03 06:58:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2010/01/14 00:10:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ATS [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games [2008/07/13 16:00:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2010/01/20 20:19:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2009/06/03 06:53:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition [2009/06/03 06:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework [2009/10/16 22:41:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2008/07/13 15:59:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2008/07/20 15:27:11 | 000,000,000 | ---D | M] -- C:\Program Files\MioNet [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2010/02/07 13:45:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN [2007/10/29 01:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2007/05/07 01:30:32 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies [2009/02/24 20:44:04 | 000,000,000 | ---D | M] -- C:\Program Files\Navilog1 [2007/11/05 14:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Neuf [2009/03/24 06:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\NOS [2009/07/30 18:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media [2008/07/20 15:22:13 | 000,000,000 | ---D | M] -- C:\Program Files\Philips [2009/08/16 13:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\quickmov [2010/02/03 16:16:24 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2007/05/07 00:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio [2007/05/07 01:26:33 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne [2007/12/06 15:31:49 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer [2008/05/29 10:37:31 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy [2008/08/27 08:09:32 | 000,000,000 | ---D | M] -- C:\Program Files\Sun [2007/05/07 00:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics [2009/02/16 10:26:02 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro [2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2009/12/08 20:16:56 | 000,000,000 | ---D | M] -- C:\Program Files\Urgence Windows [2009/09/23 19:08:05 | 000,000,000 | ---D | M] -- C:\Program Files\Utilitaire de configuration iPhone [2008/08/10 17:02:08 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2007/10/29 08:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration [2007/10/29 08:54:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal [2009/10/10 13:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2009/06/03 06:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive [2010/01/13 08:25:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail [2009/11/02 08:12:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2007/10/24 17:52:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery [2008/01/10 03:11:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010/01/01 01:14:07 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\2020 Fusion [2009/04/05 11:08:00 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Adobe [2009/09/23 20:10:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Apple Computer [2007/10/27 16:00:14 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\CyberLink [2009/07/27 13:13:20 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\dvdcss [2009/06/16 18:54:48 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GARMIN [2007/10/28 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Google [2008/12/16 23:01:04 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GTek [2008/12/16 22:57:08 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Hewlett-Packard [2007/10/27 15:59:56 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HP [2009/11/15 22:56:15 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HpUpdate [2007/10/24 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Identities [2008/01/31 18:42:54 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\InstallShield [2007/10/24 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Macromedia [2008/05/29 19:47:13 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Malwarebytes [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Media Center Programs [2009/06/26 12:13:24 | 000,000,000 | --SD | M] -- C:\Users\langiaux\AppData\Roaming\Microsoft [2008/08/26 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Mozilla [2007/11/07 13:39:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Roxio [2007/12/30 15:59:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Sony Corporation [2008/04/17 11:20:42 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Symantec [2009/05/04 13:24:22 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\TeamViewer [2009/01/26 12:41:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Template [2008/08/10 19:01:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\vlc < %APPDATA%\*.exe /s > [2007/08/26 19:55:02 | 000,229,240 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\CDStart.exe [2007/08/26 19:55:10 | 002,551,672 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe [2008/01/29 21:29:22 | 000,778,080 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Stub.exe [2007/08/08 18:27:50 | 001,234,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH32\COH32.exe [2007/08/08 18:42:44 | 001,985,584 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH64\COH64.exe [2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe [2007/08/26 18:18:56 | 000,128,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\NavShcom.exe [2007/08/26 18:19:02 | 000,245,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navw32.exe [2007/08/26 18:19:02 | 000,061,288 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navwnt.exe [2007/08/24 20:52:12 | 000,370,032 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\COExport.exe [2007/08/24 20:51:48 | 000,095,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\coVisPrx.exe [2007/08/24 20:26:26 | 000,288,088 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\COL\COLUpdtr.exe [2007/08/22 14:44:58 | 000,031,576 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\FWCfg.exe [2007/07/30 15:54:34 | 000,071,056 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\sshelper.exe [2007/08/24 21:53:52 | 000,121,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nisoptui.exe [2007/08/24 21:53:26 | 000,276,336 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nmapapp.exe [2007/08/24 21:53:28 | 000,714,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\osCheck.exe [2007/08/24 02:49:18 | 000,423,304 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUAC.exe [2007/08/24 02:49:20 | 000,439,688 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUIStb.exe [2007/08/24 02:48:46 | 000,513,416 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SSAutoRN.exe [2007/08/24 02:49:12 | 000,607,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SYMCUW.exe [2007/08/20 22:13:30 | 000,509,320 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2\PIFSvc.exe [2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SMNLnch.exe [2007/08/22 19:28:42 | 002,344,312 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\IDS\IdsInst.exe [2007/08/24 21:53:26 | 000,442,736 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SecHist\MCUI32.exe [2007/08/22 00:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN\comHost.exe [2007/08/22 00:22:08 | 000,267,096 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN64\comHost.exe [2007/08/13 17:06:10 | 001,018,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SEVINST\Sevntx64.exe [2007/08/24 22:07:24 | 000,051,048 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccApp.exe [2007/08/24 22:07:24 | 000,056,168 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccEvtMgr.exe [2007/08/24 22:07:00 | 000,268,648 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccLgView.exe [2007/08/24 22:07:06 | 000,046,440 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSetMgr.exe [2007/08/24 22:07:38 | 000,875,880 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSEUPDT.exe [2007/08/24 22:07:08 | 000,149,864 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSvcHst.exe [2007/08/23 13:35:14 | 000,152,952 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUNOTIF.EXE [2007/08/23 13:35:32 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUSDSVC.EXE [2007/08/23 13:35:14 | 000,308,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\AUPDATE.EXE [2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LSETUP.EXE [2007/08/23 13:35:18 | 000,869,752 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUALL.EXE [2007/08/23 13:35:26 | 000,062,840 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCBPRXY.EXE [2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCheck.exe [2007/08/23 13:35:24 | 003,192,184 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCOMSVR.EXE [2007/08/23 13:35:20 | 000,804,216 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LuConfig.EXE [2007/08/23 13:35:22 | 000,016,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\NotifyHA.exe [2005/05/19 13:50:36 | 002,584,848 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\MSI\wiupdate.exe [2007/08/26 19:55:04 | 000,074,616 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\NISTools\ISRlRstr.exe [2008/01/29 21:25:36 | 000,160,112 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Remover\Remover.exe [2007/08/26 17:04:20 | 000,985,448 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\Reporter.exe [2007/08/13 17:06:08 | 000,824,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SEVINST\Sevinst.exe [2007/08/23 21:52:46 | 000,661,896 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe [2007/08/26 17:04:18 | 000,687,976 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe [2007/08/09 11:55:44 | 000,136,544 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP\SUPPSOFT\wificfg.exe [2007/08/23 18:25:44 | 000,035,192 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\HSLoader.exe [2007/08/23 18:25:48 | 000,036,728 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\isUAC.exe [2007/08/23 18:25:52 | 000,042,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLULdr.exe [2007/08/23 18:25:54 | 000,082,808 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLUStb.exe [2007/08/23 18:26:06 | 000,081,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\uiStub2.exe [2007/02/12 19:10:44 | 002,682,880 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist32.exe [2007/02/12 19:10:44 | 003,161,088 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist64.exe < MD5 for: AGP440.SYS > [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys [2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys [2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2008/01/19 05:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTORV.SYS > [2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll [2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll [2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll [2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-02-05 06:13:23 < End of report > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-02-05 06:13:23
< End of report > | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 8 Fév 2010 - 7:58 | |
| Bonjour as tu sauvegardé tes documents comme demandé ??? par sécurité avant de faire toutes manipulations. 1.Le ralentissement que tu as pu percevoir peut provenir de la mise à jour de vista que je vois en cours dans hijackthis le 5 février. - Code:
-
C:\Windows\system32\wuauclt.exe
Je n'ai apparemment pas vu d'infections pour le moment, je continue d'analyser ton rapport. 2.Dans le rapport je vois la présence de ce programme : Norton Internet Security, et je vois que tu utilises antivir comme antivirus. On doit désactiver le service si tu ne l'utilises plus. - Code:
-
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
Est ce le cas ? Si oui, je te donnerai la procédure dans ma prochaine réponse 3.Tu as la présence de deux toolbars : Windows live toolbar google toolbar Elles ne sont pas obligatoires, et peuvent être aussi une des causes de ralentissements de ton navigateur. Si tu ne les utilises pas, je te conseille de les désinstaller. Clique sur le bouton démarrer Rends toi dans le panneau de configuration, choisis programmes et fonctionnalités, dans la liste Rends toi vers google toolbar et clique sur le bouton désinstaller puis rends toi vers windows live toolbar et clique sur le bouton désinstaller. Nous pourrons précéder à une optimisation de ton système si tu es d'accord, en allégeant ton démarrage vista. Certains logiciels ne sont pas nécessaires au bon fonctionnement de ton PC et ils peuvent être désactivés. Si tu es d'accord, je te donnerai la procédure dans ma prochaine réponse. 4. - Citation :
- Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Le rapport indique que tu as un soucis de cluster au niveau de ton disque dur. Pour résoudre ce cas, effectue ceci : - Citation :
- CHKDSK est une commande qui vérifie le système d'enregistrement des fichiers sur le disque (le système de fichiers). La commande CHKDSK /R fait souvent des miracles car elle détecte et élimine les clusters défectueux après en avoir, si possible, déplacé les fichiers
Attention suivant la capacité du disque dur le scan peut être un peu long mais il est nécessaire. Une redémarrage peut être nécessaire. CHDSKOuvrir le poste de travail / Clic droit sur le disque dur / PropriétésOnglet matériel : clique sur "Verifier les erreurs" Cocher les deux cases. Ou CHKDSK en ligne de commandeDémarrer/ Executer taper la commande cmd Puis taper : chkdsk c: /f /r ou c: est le disque dur à vérifier NOTE:- la commande /f corrige automatiquement les erreurs rencontrées. - la commande /r détecte les "bad sectors" (secteurs endommagés) du disque et récupère les informations qui y sont toujours lisibles. Un redémarrage est en général nécessaire afin que chkdsk puisse s'exécuter correctement (en mode /f ou /r), donc redémarrez le pc et chkdsk s'exécutera automatiquement. Lorsque la vérification est terminée, le PC redémarrera normalement sous Windows Ensuite il me faudra le rapport, je suis navrée d'avance car je ne connais que peu vista et j'espère te donner la bonne information pour trouver l'observateur d'évenements. - Citation :
- L’Observateur d’événements est un outil avancé qui affiche des informations détaillées sur les événements significatifs de votre ordinateur. Ces informations peuvent s’avérer utiles pour résoudre des erreurs et des problèmes affectant Windows et d’autres programmes.
Pour ouvrir l’Observateur d’événements, cliquez sur le bouton Démarrer du bouton Démarrer, sur Panneau de configuration, sur Système et maintenance, sur Outils d’administration, puis double-cliquez sur Observateur d’événements. Autorisation de l’administrateur nécessaire Si vous êtes invité à fournir un mot de passe administrateur ou une confirmation, fournissez le mot de passe ou la confirmation. Dans la partie Journal d'applications, cherche dans la liste, l'évènement winlogon , double clic pour l'ouvrir et clique sur le bouton du presse papier pour copier le contenu. Colle ensuite dans ta prochaine réponse le contenu du rapport de chkdsk. J'attends :des réponses à mes interrogations (2,3) La confirmation de la désinstallatio de toolbars si tu les utilises, si non pourquoi les utilises tu ? le rapport chkdsk le rapport gmer demandé plus haut. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 8 Fév 2010 - 20:37 | |
| Oups Laddy merci beaucoup pour tout le mal que tu te donnes pour m'aider ! Alors d'abord les réponses : (2) je ne sais pas pourquoi il y a encore une trace de Norton, en principe je l'avais désinstallé avant d'installer Avira. (3) je ne sais pas pourquoi j'ai ces barres d'outils. Je supprime comme tu me l'indiques.
Je vais effectuer les rapports demandés.
J'ai bien recopié tous mes documents sur DD externe.
A bientot, encore merci. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 8 Fév 2010 - 21:03 | |
| J'ai supprimé Google toolbar, mais je ne trouve pas Windows Live Toolbar dans la liste; j'ai "outil de téléchargement Windows Live" et aussi "Windows Live foldershare".Je ne pense pas que ce soit ceux-là, mais bon dis-moi.
A part ça j'ai oublié de te dire que je suis d'accord pour que me "dépoussières" Vista.
Merci, je me lance dans la suite. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 8 Fév 2010 - 23:09 | |
| Bonsoir J'ai effectué le chkdsk, il a réparé des clusters. Par contre, pas moyen d'accéder au rapport. J'ai réussi à aller jusqu'à l'observateur d'évènements puis aux journaux des applications, et à "winlogon", mais ensuite il n'y a pas grand chose : juste marqué Diagnostic (analyse - nombre d'évènements : 0 - taille 4 Ko) et operational (opérationnel - nb d'évènements : 0 - taille 68 Ko).
Désolée mais je ne trouve pas ce rapport.
Je vais faire Gmer maintenant.
A plus tard. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 8 Fév 2010 - 23:18 | |
| Erreur 08/02/2010 22:46:28 Diagnostics-Performance 100 Analyse des performances de démarrage Avertissement 08/02/2010 22:46:20 Diagnostics-Performance 203 Analyse des performances d’arrêt
voilà le genre de choses que j'ai trouvées dans l'observateur d'évènements | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mar 9 Fév 2010 - 6:43 | |
| Ok ce n'est pas grave pour le rapport au moins tu as vu que le disque dur avait un soucis Il me faut un nouveau rapport de OTL, Executes le en désactivant ta protection temporairement, clic droit et executer en tant qu'administrateur, clique sur le bouton quick scan. J'attends : Gmer nouveau rapport OTL Je ferai un script de nettoyage ensuite | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mar 9 Fév 2010 - 8:00 | |
| merci Gmer je n'y arrive pas ! Il a tourné toute la nuit et ce matin ça ne bougeait plus...et pas de rapport ! Est-ce qu'il faut le laisser + longtemps ? De plus, dans le tuto ils disent qu'il faut le "décompresser" je ne sais pas ce que ça veut dire. Donc j'ai peut-être mal lancé le truc ??
Je te fais OTL.
Bonne journée. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mar 9 Fév 2010 - 8:29 | |
| voici le nouveau rapport OTL : OTL logfile created on: 09/02/2010 08:07:17 - Run 2 OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\langiaux\Documents\Mes fichiers reçus Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 104,40 Gb Total Space | 51,65 Gb Free Space | 49,47% Space Free | Partition Type: NTFS Drive D: | 7,39 Gb Total Space | 2,21 Gb Free Space | 29,88% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MPFL Current User Name: langiaux Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/02/09 08:05:57 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL(2).exe PRC - [2010/01/22 19:16:42 | 000,141,608 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2010/01/17 09:40:39 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe PRC - [2009/03/09 05:19:17 | 000,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2009/02/06 16:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe PRC - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2008/12/08 15:50:04 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\hpwuschd2.exe PRC - [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/10/25 07:18:50 | 000,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE PRC - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe PRC - [2008/02/11 20:13:12 | 000,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe PRC - [2008/02/11 20:13:10 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe PRC - [2008/02/11 20:13:08 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe PRC - [2008/02/11 20:13:02 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe PRC - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe PRC - [2007/05/20 20:45:14 | 000,417,792 | ---- | M] () -- C:\Windows\System32\ServoApp.exe PRC - [2007/03/28 16:45:14 | 000,176,128 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hp\QuickPlay\QPService.exe PRC - [2007/03/01 12:18:36 | 000,472,776 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe PRC - [2007/02/13 10:38:36 | 000,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe PRC - [2007/01/30 14:58:52 | 000,677,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe PRC - [2007/01/13 04:36:40 | 000,827,392 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe PRC - [2007/01/10 15:12:08 | 000,317,128 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe PRC - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006/11/02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe PRC - [2004/06/09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\Windows\VM_STI.EXE PRC - [2003/04/06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe PRC - [2003/04/06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe ========== Modules (SafeList) ========== MOD - [2010/02/09 08:05:57 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\langiaux\Documents\Mes fichiers reçus\OTL(2).exe MOD - [2006/11/02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (Planificateur LiveUpdate automatique) SRV - [2010/01/22 19:16:30 | 000,545,576 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service) SRV - [2009/08/28 18:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2009/08/18 18:44:39 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009/08/05 21:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009/07/13 10:32:56 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service) SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008/10/09 07:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service) SRV - [2008/01/29 15:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist) SRV - [2007/10/29 01:21:51 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/07/10 06:28:08 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService) SRV - [2007/02/17 06:31:12 | 000,074,656 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2007/02/12 08:36:58 | 000,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9) SRV - [2007/01/09 13:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) SRV - [2006/12/14 16:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2006/11/02 13:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart) SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006/05/02 13:41:28 | 000,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex) SRV - [2004/10/22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - [2009/12/10 15:03:58 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009/08/05 21:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009/07/13 10:32:56 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009/05/18 13:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/03/03 05:10:44 | 000,182,272 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm) DRV - [2007/12/30 18:13:12 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS) DRV - [2007/07/10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007/06/20 03:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2007/06/20 03:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2007/06/20 03:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2007/05/06 21:44:16 | 000,034,944 | ---- | M] (None) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mfpec.sys -- (ALIWEHCD) DRV - [2007/02/07 22:15:14 | 001,786,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Pilote de carte réseau Intel(R) DRV - [2007/02/02 02:00:00 | 000,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2007/01/13 04:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2007/01/03 16:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV) DRV - [2006/12/12 17:06:40 | 000,148,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService) DRV - [2006/11/30 09:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2006/11/16 10:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2006/11/16 05:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006/11/16 03:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:54 | 000,163,328 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e100b325.sys -- (E100B) Pilote de carte Intel (R) DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006/11/02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006/10/20 02:57:12 | 000,010,240 | ---- | M] (None) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfpvbus.sys -- (WUSBVBus) DRV - [2006/06/28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2006/06/19 15:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2005/02/26 15:25:52 | 000,091,527 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/03 16:16:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/03 16:16:25 | 000,000,000 | ---D | M] [2010/02/09 08:01:38 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2007/08/24 20:52:00 | 000,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll [2010/01/17 09:40:46 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/01/17 09:40:46 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/17 09:40:46 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2009/12/17 11:22:40 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/01/17 09:40:46 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/17 09:40:46 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | -HS- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BigDogPath] C:\Windows\VM_STI.EXE (BIGDOG) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe File not found O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [Server Application] C:\Windows\System32\ServoApp.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG O24 - Desktop BackupWallPaper: C:\Users\langiaux\Pictures\canada\aéroport roissy .JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/05/07 01:31:12 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O33 - MountPoints2\{0ea0a963-8d4c-11de-ac7a-001b24509dcf}\Shell\AutoRun\command - "" = G:\SamsungSoftware\APPInst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 12:18:47 | 000,000,000 | ---D | M] NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mar 9 Fév 2010 - 8:31 | |
| ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.7 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) OTL cannot create restorepoints on Vista OSs! ========== Files/Folders - Created Within 30 Days ========== [2010/02/08 22:51:52 | 000,000,000 | ---D | C] -- C:\perflogs [2010/02/08 22:51:52 | 000,000,000 | ---D | C] -- \perflogs [2010/02/07 16:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL [2010/02/07 16:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 6.0 Sprint [2010/02/07 16:43:04 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK2.dll [2010/02/07 16:43:04 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EpPicPrt.dll [2010/02/07 16:43:04 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICEntry.dll [2010/02/07 16:43:04 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK.dll [2010/02/07 16:43:03 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EPPicMgr.dll [2010/02/07 16:37:19 | 000,382,240 | ---- | C] (Edimax Technology collaboration., Ltd) -- C:\Windows\System32\UninstMFP.exe [2010/02/07 16:37:16 | 000,034,944 | ---- | C] (None) -- C:\Windows\System32\drivers\mfpec.sys [2010/02/07 16:37:16 | 000,010,880 | ---- | C] (None) -- C:\Windows\System32\drivers\mfpcomp.sys [2010/02/07 16:37:16 | 000,010,240 | ---- | C] (None) -- C:\Windows\System32\drivers\mfpvbus.sys [2010/02/07 16:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\MFP Server [2010/02/07 16:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\epson [2010/02/07 16:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2010/02/07 16:31:32 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL [2010/02/07 16:31:23 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBEGE.DLL [2010/02/07 16:31:19 | 000,078,848 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BEGE.DLL [2010/02/07 16:25:22 | 000,071,680 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escwiad.dll [2010/02/04 17:35:59 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msado15.dll [2010/02/04 17:35:59 | 000,015,872 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\WINSKFR.DLL [2010/02/04 17:35:58 | 000,572,416 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\shdoclc.dll [2010/02/04 17:35:58 | 000,119,568 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6fr.dll [2010/02/04 17:35:58 | 000,101,888 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL [2010/02/04 17:35:58 | 000,069,632 | --S- | C] (Accenture) -- C:\Windows\System32\Infobulle.ocx [2010/02/04 17:35:58 | 000,057,344 | --S- | C] (JiangYuanDong) -- C:\Windows\System32\SaveJpeg.ocx [2010/02/04 17:35:58 | 000,006,656 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\stdftfr.dll [2010/02/04 17:35:14 | 001,355,776 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll [2010/02/04 17:35:14 | 000,108,336 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSWINSCK.OCX [2010/02/04 17:35:13 | 000,260,880 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSFLXGRD.OCX [2010/02/04 17:35:13 | 000,115,016 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX [2010/02/04 17:35:13 | 000,090,112 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\msjro.dll [2010/02/04 17:35:12 | 000,322,560 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPTR.DLL [2010/02/04 17:35:12 | 000,311,296 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDBRPT.DLL [2010/02/04 17:35:12 | 000,275,216 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATGRD.OCX [2010/02/04 17:35:12 | 000,187,712 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATREP.OCX [2010/02/04 17:35:10 | 000,479,232 | --S- | C] (TB) -- C:\Windows\System32\CF2D_V2.ocx [2010/02/04 17:35:10 | 000,141,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL [2010/02/04 17:35:10 | 000,131,856 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSADODC.OCX [2010/02/04 17:35:10 | 000,078,848 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL [2010/02/04 17:35:10 | 000,059,904 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL [2010/02/04 17:35:09 | 000,015,360 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\INETFR.DLL [2010/02/04 17:35:08 | 000,245,760 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\hxvz.dll [2010/02/04 17:35:08 | 000,180,224 | --S- | C] (Intel Corporation) -- C:\Windows\System32\ijl11.dll [2010/02/04 17:35:07 | 000,044,544 | --S- | C] (Hilgraeve, Inc.) -- C:\Windows\System32\hticons.dll [2010/02/04 17:35:06 | 000,040,960 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\FLXGDFR.DLL [2010/02/04 17:35:06 | 000,033,280 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBRPRFR.DLL [2010/02/04 17:35:06 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLSTFR.DLL [2010/02/04 17:35:06 | 000,028,672 | --S- | C] (Tradition Bois) -- C:\Windows\System32\ftdbcf.dll [2010/02/04 17:35:05 | 000,525,352 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBGRID32.OCX [2010/02/04 17:35:05 | 000,215,312 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DBLIST32.OCX [2010/02/04 17:35:05 | 000,034,816 | --S- | C] (Apex Software Corporation) -- C:\Windows\System32\DBGRDFR.DLL [2010/02/04 17:35:05 | 000,031,232 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATGDFR.DLL [2010/02/04 17:35:05 | 000,021,504 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\DATRPFR.DLL [2010/02/04 17:35:04 | 000,089,600 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCTLFR.DLL [2010/02/04 17:35:04 | 000,032,768 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL [2010/02/04 17:35:04 | 000,028,672 | --S- | C] (Microsoft Corporation ) -- C:\Windows\System32\CMCT3FR.DLL [2010/02/04 17:35:04 | 000,020,992 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\CMCT2FR.DLL [2010/02/04 17:35:02 | 000,016,384 | --S- | C] (Microsoft Corporation) -- C:\Windows\System32\ADODCFR.DLL [2010/02/04 17:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Cuisine Astuce [2010/02/03 16:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/02/03 16:19:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/02/03 16:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- C:\Workspaces [2010/01/31 12:36:46 | 000,000,000 | ---D | C] -- \Workspaces [2010/01/22 07:24:18 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010/01/22 07:24:16 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/01/22 07:24:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/01/22 07:24:16 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2010/01/22 07:24:15 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010/01/22 07:24:15 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2010/01/22 07:24:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2010/01/22 07:24:15 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2010/01/22 07:24:14 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2010/01/22 07:24:14 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010/01/22 07:24:14 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll [2010/01/22 07:24:14 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2010/01/22 07:24:14 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2010/01/22 07:24:14 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/01/22 07:24:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2010/01/22 07:24:13 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2010/01/22 07:24:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2010/01/22 07:24:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2010/01/22 07:24:11 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010/01/22 07:24:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2010/01/22 07:24:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2010/01/14 00:24:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2010/01/14 00:10:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS [2010/01/13 07:11:25 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/01/13 07:11:25 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010/01/13 07:11:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/01/13 07:11:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/01/13 07:11:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll ========== Files - Modified Within 30 Days ========== [2010/02/09 08:06:07 | 003,145,728 | -HS- | M] () -- C:\Users\langiaux\ntuser.dat [2010/02/09 08:05:16 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job [2010/02/09 07:51:36 | 000,950,720 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/02/09 07:51:35 | 000,844,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/02/09 07:51:35 | 000,328,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/02/09 07:51:35 | 000,095,006 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/02/09 07:51:34 | 000,342,192 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/02/09 07:44:51 | 000,000,295 | ---- | M] () -- C:\Windows\win.ini [2010/02/09 07:44:29 | 000,000,150 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2010/02/09 07:44:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/02/09 07:44:02 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/02/09 07:43:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/02/09 07:43:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/02/09 07:43:12 | 2137,055,232 | -HS- | M] () -- C:\hiberfil.sys [2010/02/08 20:22:26 | 183,799,418 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/02/07 16:56:02 | 000,002,065 | ---- | M] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk [2010/02/07 16:42:51 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manuel.lnk [2010/02/07 16:35:02 | 000,000,765 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2010/02/07 16:34:36 | 000,000,025 | ---- | M] () -- C:\Windows\CDE SX400DEFGIPSDaFiNoSv.ini [2010/02/05 22:33:58 | 000,002,397 | ---- | M] () -- C:\Users\Public\Desktop\IKEA Home Planner.lnk [2010/02/04 17:35:59 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk [2010/02/03 16:20:26 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/02/01 20:00:00 | 000,000,588 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complète du système - langiaux.job [2010/01/31 14:23:05 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForlangiaux.job [2010/01/19 08:10:56 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/01/14 11:12:06 | 000,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010/01/14 00:19:29 | 002,555,904 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl [2010/01/14 00:19:29 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf [2010/01/14 00:19:29 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx [2010/01/13 08:32:27 | 000,354,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2010/02/07 16:56:02 | 000,002,065 | ---- | C] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk [2010/02/07 16:43:04 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2010/02/07 16:43:04 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2010/02/07 16:43:04 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2010/02/07 16:43:04 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2010/02/07 16:43:04 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2010/02/07 16:43:04 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2010/02/07 16:43:04 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2010/02/07 16:43:04 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2010/02/07 16:43:04 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2010/02/07 16:43:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2010/02/07 16:43:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2010/02/07 16:43:04 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2010/02/07 16:43:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2010/02/07 16:43:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2010/02/07 16:43:04 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2010/02/07 16:43:04 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2010/02/07 16:43:04 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2010/02/07 16:43:04 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2010/02/07 16:43:03 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2010/02/07 16:43:03 | 000,013,732 | ---- | C] () -- C:\Windows\System32\EPPICLocal_EN.cfg [2010/02/07 16:43:03 | 000,006,442 | ---- | C] () -- C:\Windows\System32\EPPICLocal_IT.cfg [2010/02/07 16:43:03 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_PT.cfg [2010/02/07 16:43:03 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_BP.cfg [2010/02/07 16:43:03 | 000,006,335 | ---- | C] () -- C:\Windows\System32\EPPICLocal_GE.cfg [2010/02/07 16:43:03 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_FR.cfg [2010/02/07 16:43:03 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_CF.cfg [2010/02/07 16:43:03 | 000,006,122 | ---- | C] () -- C:\Windows\System32\EPPICLocal_DU.cfg [2010/02/07 16:43:03 | 000,006,103 | ---- | C] () -- C:\Windows\System32\EPPICLocal_ES.cfg [2010/02/07 16:43:03 | 000,005,817 | ---- | C] () -- C:\Windows\System32\EPPICLocal_KO.cfg [2010/02/07 16:43:03 | 000,005,436 | ---- | C] () -- C:\Windows\System32\EPPICLocal_SC.cfg [2010/02/07 16:43:03 | 000,002,889 | ---- | C] () -- C:\Windows\System32\EPPICLocal_RU.cfg [2010/02/07 16:43:03 | 000,002,426 | ---- | C] () -- C:\Windows\System32\EPPICLocal_TC.cfg [2010/02/07 16:42:51 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manuel.lnk [2010/02/07 16:37:19 | 000,008,133 | ---- | C] () -- C:\Windows\System32\MFPscript.ini [2010/02/07 16:37:17 | 000,417,792 | ---- | C] () -- C:\Windows\System32\ServoApp.exe [2010/02/07 16:37:16 | 000,200,704 | ---- | C] () -- C:\Windows\System32\mfpcoins.dll [2010/02/07 16:37:16 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ddschk.dll [2010/02/07 16:37:16 | 000,000,548 | ---- | C] () -- C:\Windows\System32\cliktext.ini [2010/02/07 16:35:02 | 000,000,765 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2010/02/07 16:34:36 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX400DEFGIPSDaFiNoSv.ini [2010/02/04 17:35:59 | 001,138,688 | --S- | C] () -- C:\Windows\System32\vkUserControlsXP.ocx [2010/02/04 17:35:59 | 000,169,984 | ---- | C] () -- C:\Windows\System32\glut.dll [2010/02/04 17:35:59 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\Cuisine Astuce.lnk [2010/02/04 17:35:58 | 000,551,120 | --S- | C] () -- C:\Windows\System32\VBOGL.TLB [2010/02/04 17:35:58 | 000,000,005 | ---- | C] () -- C:\Windows\System32\samsc.ocx [2010/02/04 17:35:06 | 000,221,184 | --S- | C] () -- C:\Windows\System32\glut32.dll [2010/02/03 16:20:26 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010/02/03 15:04:58 | 183,799,418 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010/01/19 08:10:56 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/01/14 00:10:56 | 002,555,904 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl [2010/01/14 00:10:56 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf [2010/01/14 00:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx [2009/12/08 19:26:47 | 000,218,546 | ---- | C] () -- \Sauvegarde_AUTO_ATLANTIQUE TAXI AYTRE_20091208.wdz [2009/08/16 13:55:54 | 000,000,066 | ---- | C] () -- C:\Windows\QTW.INI [2009/08/16 13:42:25 | 000,000,117 | ---- | C] () -- C:\Windows\QM.INI [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/02/16 10:27:06 | 2137,055,232 | -HS- | C] () -- [2008/09/24 15:10:00 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2008/09/05 18:46:37 | 000,000,268 | -H-- | C] () -- \sqmdata02.sqm [2008/09/05 18:46:37 | 000,000,244 | -H-- | C] () -- \sqmnoopt02.sqm [2008/09/04 22:33:10 | 000,000,268 | -H-- | C] () -- \sqmdata01.sqm [2008/09/04 22:33:10 | 000,000,244 | -H-- | C] () -- \sqmnoopt01.sqm [2008/05/27 20:30:15 | 000,003,122 | ---- | C] () -- \cleannavi.txt [2008/05/26 10:42:07 | 000,002,730 | ---- | C] () -- \fixnavi.txt [2008/05/25 11:42:43 | 000,000,785 | ---- | C] () -- C:\Windows\wininit.ini [2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2008/03/10 09:49:28 | 000,000,000 | RHS- | C] () -- \IO.SYS [2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll [2008/01/08 19:33:03 | 000,235,884 | ---- | C] () -- \Sauvegarde_AUTO_Ambu83(exemple)_20080108.wdz [2008/01/08 19:33:03 | 000,002,032 | ---- | C] () -- \urgence.log [2007/10/29 22:19:55 | 000,000,399 | ---- | C] () -- C:\Windows\CARTES.INI [2007/10/27 16:06:55 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI [2007/07/21 20:49:45 | 2450,980,864 | -HS- | C] () -- [2007/05/07 01:53:46 | 000,000,268 | -H-- | C] () -- \sqmdata00.sqm [2007/05/07 01:53:46 | 000,000,244 | -H-- | C] () -- \sqmnoopt00.sqm [2007/05/07 01:22:40 | 000,000,511 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2007/02/27 21:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2007/02/22 11:14:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1214.dll [2006/12/13 22:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/12/13 22:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll [2006/11/02 11:23:09 | 000,000,074 | ---- | C] () -- \autoexec.bat [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys [2006/03/10 01:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2005/11/25 06:10:18 | 000,438,840 | RHS- | C] () -- \bootmgr [2005/05/08 05:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2001/01/15 10:40:04 | 000,016,896 | ---- | C] () -- C:\Windows\arrondi.dll [1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL ========== LOP Check ========== [2010/02/08 21:13:31 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/02/09 08:05:16 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AB2429C7-CF15-413A-89E8-60C0FF817D22}.job ========== Purity Check ========== ========== Custom Scans ========== < # %SYSTEMDRIVE%\*.* > < %PROGRAMFILES%\*.* > [2008/12/11 06:10:33 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini < %PROGRAMFILES%\*. > [2010/02/07 16:46:20 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 6.0 Sprint [2007/05/07 01:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites [2009/03/23 19:11:11 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2008/02/14 10:14:20 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe(288) [2008/07/20 15:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead [2008/09/26 19:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2009/06/30 18:53:26 | 000,000,000 | ---D | M] -- C:\Program Files\Avira [2009/09/23 19:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour [2008/03/29 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\CafeBible Gadget LSG [2009/03/30 17:51:15 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2009/11/26 17:35:21 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2010/01/31 11:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT [2007/10/29 22:19:55 | 000,000,000 | ---D | M] -- C:\Program Files\Crapette Jardin Trains [2010/02/06 11:51:13 | 000,000,000 | ---D | M] -- C:\Program Files\Cuisine Astuce [2009/06/16 18:54:19 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX [2007/05/07 01:25:06 | 000,000,000 | ---D | M] -- C:\Program Files\EasyBits [2010/02/07 16:48:25 | 000,000,000 | ---D | M] -- C:\Program Files\epson [2007/10/24 17:52:46 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs [2009/06/16 18:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin [2009/06/16 18:54:26 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin GPS Plugin [2010/02/08 20:57:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2010/02/03 22:25:18 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard [2009/11/08 22:45:29 | 000,000,000 | ---D | M] -- C:\Program Files\Hp [2007/05/07 01:34:48 | 000,000,000 | ---D | M] -- C:\Program Files\HPQ [2010/02/01 01:15:51 | 000,000,000 | ---D | M] -- C:\Program Files\IKEA HomePlanner [2010/02/07 16:58:49 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2010/01/23 07:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2010/02/03 16:19:22 | 000,000,000 | ---D | M] -- C:\Program Files\iPod [2010/02/03 16:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes [2009/03/28 10:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2010/01/10 00:01:51 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/02/07 16:37:19 | 000,000,000 | ---D | M] -- C:\Program Files\MFP Server [2009/06/03 06:58:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2010/01/14 00:10:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ATS [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games [2008/07/13 16:00:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2010/01/20 20:19:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2009/06/03 06:53:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition [2009/06/03 06:56:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework [2009/10/16 22:41:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2008/07/13 15:59:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2008/07/20 15:27:11 | 000,000,000 | ---D | M] -- C:\Program Files\MioNet [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2010/02/09 07:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSN [2007/10/29 01:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2007/05/07 01:30:32 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies [2009/02/24 20:44:04 | 000,000,000 | ---D | M] -- C:\Program Files\Navilog1 [2007/11/05 14:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\Neuf [2009/03/24 06:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\NOS [2009/07/30 18:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media [2008/07/20 15:22:13 | 000,000,000 | ---D | M] -- C:\Program Files\Philips [2009/08/16 13:42:25 | 000,000,000 | ---D | M] -- C:\Program Files\quickmov [2010/02/03 16:16:24 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2007/05/07 00:47:51 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio [2007/05/07 01:26:33 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne [2007/12/06 15:31:49 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer [2008/05/29 10:37:31 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy [2008/08/27 08:09:32 | 000,000,000 | ---D | M] -- C:\Program Files\Sun [2007/05/07 00:19:12 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics [2009/02/16 10:26:02 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro [2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2009/12/08 20:16:56 | 000,000,000 | ---D | M] -- C:\Program Files\Urgence Windows [2009/09/23 19:08:05 | 000,000,000 | ---D | M] -- C:\Program Files\Utilitaire de configuration iPhone [2008/08/10 17:02:08 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2007/10/29 08:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration [2007/10/29 08:54:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal [2009/10/10 13:14:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2009/06/03 06:50:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive [2010/01/13 08:25:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail [2009/11/02 08:12:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2007/10/24 17:52:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2006/11/02 13:42:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery [2008/01/10 03:11:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010/01/01 01:14:07 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\2020 Fusion [2009/04/05 11:08:00 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Adobe [2009/09/23 20:10:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Apple Computer [2007/10/27 16:00:14 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\CyberLink [2009/07/27 13:13:20 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\dvdcss [2009/06/16 18:54:48 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GARMIN [2007/10/28 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Google [2008/12/16 23:01:04 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\GTek [2008/12/16 22:57:08 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Hewlett-Packard [2007/10/27 15:59:56 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HP [2009/11/15 22:56:15 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\HpUpdate [2007/10/24 18:13:51 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Identities [2008/01/31 18:42:54 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\InstallShield [2007/10/24 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Macromedia [2008/05/29 19:47:13 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Malwarebytes [2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Media Center Programs [2009/06/26 12:13:24 | 000,000,000 | --SD | M] -- C:\Users\langiaux\AppData\Roaming\Microsoft [2008/08/26 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Mozilla [2007/11/07 13:39:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Roxio [2007/12/30 15:59:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Sony Corporation [2008/04/17 11:20:42 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Symantec [2009/05/04 13:24:22 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\TeamViewer [2009/01/26 12:41:41 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\Template [2008/08/10 19:01:31 | 000,000,000 | ---D | M] -- C:\Users\langiaux\AppData\Roaming\vlc < %APPDATA%\*.exe /s > [2007/08/26 19:55:02 | 000,229,240 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\CDStart.exe [2007/08/26 19:55:10 | 002,551,672 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup.exe [2008/01/29 21:29:22 | 000,778,080 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Stub.exe [2007/08/08 18:27:50 | 001,234,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH32\COH32.exe [2007/08/08 18:42:44 | 001,985,584 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH64\COH64.exe [2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe [2007/08/26 18:18:56 | 000,128,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\NavShcom.exe [2007/08/26 18:19:02 | 000,245,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navw32.exe [2007/08/26 18:19:02 | 000,061,288 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP\Navwnt.exe [2007/08/24 20:52:12 | 000,370,032 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\COExport.exe [2007/08/24 20:51:48 | 000,095,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\coVisPrx.exe [2007/08/24 20:26:26 | 000,288,088 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\COL\COLUpdtr.exe [2007/08/22 14:44:58 | 000,031,576 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\FWCfg.exe [2007/07/30 15:54:34 | 000,071,056 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\sshelper.exe [2007/08/24 21:53:52 | 000,121,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nisoptui.exe [2007/08/24 21:53:26 | 000,276,336 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\nmapapp.exe [2007/08/24 21:53:28 | 000,714,608 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\osCheck.exe [2007/08/24 02:49:18 | 000,423,304 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUAC.exe [2007/08/24 02:49:20 | 000,439,688 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\cltUIStb.exe [2007/08/24 02:48:46 | 000,513,416 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SSAutoRN.exe [2007/08/24 02:49:12 | 000,607,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\SYMCUW.exe [2007/08/20 22:13:30 | 000,509,320 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2\PIFSvc.exe [2007/06/15 21:03:54 | 000,476,816 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SMNLnch.exe [2007/08/22 19:28:42 | 002,344,312 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\IDS\IdsInst.exe [2007/08/24 21:53:26 | 000,442,736 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SecHist\MCUI32.exe [2007/08/22 00:21:30 | 000,055,640 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN\comHost.exe [2007/08/22 00:22:08 | 000,267,096 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN64\comHost.exe [2007/08/13 17:06:10 | 001,018,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SEVINST\Sevntx64.exe [2007/08/24 22:07:24 | 000,051,048 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccApp.exe [2007/08/24 22:07:24 | 000,056,168 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccEvtMgr.exe [2007/08/24 22:07:00 | 000,268,648 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccLgView.exe [2007/08/24 22:07:06 | 000,046,440 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSetMgr.exe [2007/08/24 22:07:38 | 000,875,880 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSEUPDT.exe [2007/08/24 22:07:08 | 000,149,864 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\ccSvcHst.exe [2007/08/23 13:35:14 | 000,152,952 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUNOTIF.EXE [2007/08/23 13:35:32 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\ALUSDSVC.EXE [2007/08/23 13:35:14 | 000,308,600 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\AUPDATE.EXE [2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LSETUP.EXE [2007/08/23 13:35:18 | 000,869,752 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUALL.EXE [2007/08/23 13:35:26 | 000,062,840 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCBPRXY.EXE [2007/08/23 13:35:44 | 000,181,624 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCheck.exe [2007/08/23 13:35:24 | 003,192,184 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LUCOMSVR.EXE [2007/08/23 13:35:20 | 000,804,216 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\LuConfig.EXE [2007/08/23 13:35:22 | 000,016,760 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\NotifyHA.exe [2005/05/19 13:50:36 | 002,584,848 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\MSI\wiupdate.exe [2007/08/26 19:55:04 | 000,074,616 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\NISTools\ISRlRstr.exe [2008/01/29 21:25:36 | 000,160,112 | R--- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Remover\Remover.exe [2007/08/26 17:04:20 | 000,985,448 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\Reporter.exe [2007/08/13 17:06:08 | 000,824,712 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SEVINST\Sevinst.exe [2007/08/23 21:52:46 | 000,661,896 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe [2007/08/26 17:04:18 | 000,687,976 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch\SymLnch.exe [2007/08/09 11:55:44 | 000,136,544 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP\SUPPSOFT\wificfg.exe [2007/08/23 18:25:44 | 000,035,192 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\HSLoader.exe [2007/08/23 18:25:48 | 000,036,728 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\isUAC.exe [2007/08/23 18:25:52 | 000,042,360 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLULdr.exe [2007/08/23 18:25:54 | 000,082,808 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\npcLUStb.exe [2007/08/23 18:26:06 | 000,081,272 | ---- | M] (Symantec Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\uiStub2.exe [2007/02/12 19:10:44 | 002,682,880 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist32.exe [2007/02/12 19:10:44 | 003,161,088 | ---- | M] (Microsoft Corporation) -- C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist\redist64.exe < MD5 for: AGP440.SYS > [2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys [2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys [2007/05/07 01:37:23 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2008/01/19 06:06:48 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2008/01/19 05:33:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTORV.SYS > [2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll [2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll [2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\df81987ce1972154ab659b2f560f1610\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll [2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-02-09 06:51:02 < > < End of report > | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mer 10 Fév 2010 - 6:34 | |
| Désolé de ma réponse tardive, il y a des travaux sur les lignes internet de mon quartier et je me retrouve sans le net
Je fais au plus vite | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mer 10 Fév 2010 - 8:00 | |
| Pas de souci Laddy, je t'attends;
Merci encore, bonne journée. | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mer 10 Fév 2010 - 9:44 | |
| Dans le panneau de configuration désinstalle via Programmes et fonctionnalités : Apple Software Update Bonjour Désactive L'antivirus et antispyware....OTM !
- Télécharge OTMoveIt de OldTimer.
Aide : http://www.bibou0007.com/outils-specifiques-f78/tutorial-otmoveit-t387.htm
- Sauvegarde le sur ton Bureau.
- Sous Vista, fais un clic droit que OTM.exe et choisis Executer en tant qu'administrateu pour le lancer.
- Copie le chemin des fichiers suivants en selectionnant TOUT et en appuyant sur CTRL+C (ou, après avoir sélectionner, clique-droit et choisis Copier) :
- Citation :
:processes explorer.exe
:files C:\Program Files\Common Files\Symantec Shared C:\Program Files\Bonjour C:\Windows\MEMORY.DMP C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security
:services Bonjour Service Symantec RemoteAssist
::commands [purity] [emptytemp] [start explorer]
- Retourne dans OTM, fais un clique-droit dans la fenêtre "Paste instructions for items to move" et choisis Coller.
- Clique sur le bouton rouge Moveit!.
- Ferme OTM.
Note : Si un fichier ou un dossier ne peut être déplacer immédiatement il te sera demander de redémarrer ta machine pour finir le processus. Si c'est le cas, choisis Yes. Poste le rapport de OTM dispo ici : C:\_OTM\MovedFilesHijackthisHijackthis est mal placé sur ton PC, il faut qu'il soit bien installé pour créer un dossier de sauvegarde. (C:\Program files\Trend Micro\Hijackthis) - Télécharge HiJackThis de Merijn sur ton bureau. - Double-clic sur HijackThis pour l'installer et l'exécuter une fenêtre va s'ouvrir - Génère un rapport en suivant ces indications : - Exécute le et clique sur Do a system scan only.
Coche les lignes suivantes : IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe File not found O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [QlbCtrl] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) Fermes toutes tes applications y compris ton navigateur internet, Clique sur le bouton fix checked . Reposte moi un rapport hijackthis pour cela, retourne sur la page principale en cliquant sur le bouton main menu , clique sur le 1er bouton Do a system scan and save a logfile. Le bloc note va s'ouvrir, copie coller le contenu du rapport dans ta prochaine réponse. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mer 10 Fév 2010 - 21:55 | |
| j'ai fait OTM mais j'ai du mal à trouver le rapport: est-ce que c'est celui-là ? (que j'ai trouvé en faisant "ordinateur" puis en choisissant "C" et OTM dans "rechercher") (et pourquoi j'ai encore Symantec là-dedans ? j'avais désinstallé Norton); je te l'envoie mais si ce n'est pas ça, dis-moi où le trouver. Merci. All processes killed ========== PROCESSES ========== No active process named explorer.exe was found! ========== FILES ========== C:\Program Files\Common Files\Symantec Shared\Support Controls folder moved successfully. C:\Program Files\Common Files\Symantec Shared\CCPD-LC folder moved successfully. C:\Program Files\Common Files\Symantec Shared folder moved successfully. File/Folder C:\Program Files\Bonjour not found. C:\Windows\MEMORY.DMP moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\VCRedist folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SYMTHM folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SYMHTML folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\SPManfst folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\NPC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Manifest folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\frames folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\buttons folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\Gadget folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP\SUPPSOFT folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC\APP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC\uiNPC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\uiNPC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet\Manifest folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet\Drivers folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet\SymNet folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymNet folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\XP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\Vista folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI\SymMCEAI folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymMCEAI folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SymLnch folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\System32\Drivers folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\System32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE\SRTSP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE\Manifest folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP\SRTSP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SRTSP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE\MANIFEST folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\LUpdate\LUMfests folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32\LUpdate folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC\SPBBC32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SPBBC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\SEVINST folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\0c\01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter\0c folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Reporter folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\Remover folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan\0c\01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan\0c folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\PreScan folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\NISTools folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\MSI folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\SYSTEM32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\SPMANI~1 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate\WLUEX folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\LUpdate folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI\External\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI\External folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\HelpMSI folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore\MANIFEST folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore\CFMan folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF\cfCore folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\CF folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon\ccCommon folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\ccCommon folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\AppCore\AppCore folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support\AppCore folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Support folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\NPC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\frames folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\buttons folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64\Gadget folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC\uiNPC64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\uiNPC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet\SND_x64\Drivers folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet\SND_x64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SymNet folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\System32\Drivers folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\System32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE\Manifest folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP\SRTSPx64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SRTSP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\LUpdate\LUMfests folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64\LUpdate folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC\SPBBC64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SPBBC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\SEVINST folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\ccCommon\ccCmn64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64\ccCommon folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Suport64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\VAData\Dict folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\VAData folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\VASCAN folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SPBBC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\SecHist folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\Options folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\ncwHyPEX folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\MANIFEST folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\IDS folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CF\CFMan folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CF folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\CCPD-LC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\PIF_96E2 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\OPC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\HTEC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\Dist folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\CF folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App\IDSDefs folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\App folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup\Setup folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Setup folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\MANIFEST folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE\COL folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\Symantec\LUREGMAN folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\Symantec folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\InitDefs folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\drivers folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO\APP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO\NCO folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NCO folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\VirusDef folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\VirusD64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32\COH64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32\COH32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\System32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec\NORTON\Tasks folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec\NORTON folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\Symantec folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\MUI\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\MUI folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\APP folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\NORTON folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\SPBBC folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\MANIFEST folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\SYMSHARE folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\COH32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi\0c01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\CommonFi folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\COH64 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External\COH32 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV\External folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\NAV folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang\0c\01 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang\0c folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828\Lang folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL\20070828 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages\NIS_RETAIL folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0\SymAllLanguages folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security\15.0 folder moved successfully. C:\Users\langiaux\AppData\Roaming\Symantec\Layouts\Norton Internet Security folder moved successfully. ========== SERVICES/DRIVERS ========== Error: No service named Bonjour Service was found to stop! Unable to stop service Bonjour Service! Service Symantec RemoteAssist stopped successfully! Service Symantec RemoteAssist deleted successfully! Error: Unable to interpret <::commands> in the current context! Error: Unable to interpret <[purity]> in the current context! Error: Unable to interpret <[emptytemp]> in the current context! Error: Unable to interpret <[start explorer]> in the current context! OTM by OldTimer - Version 3.1.8.0 log created on 02102010_213603
Je vais faire HiJackthis maintenant. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mer 10 Fév 2010 - 22:28 | |
| Bon voilà la suite ! Dans HiJack this, je n'ai pas trouvé toutes les lignes que tu m'avais dit de cocher : 1) pas de lignes commençant par IE ; il semble que les lignes correspondantes commencent par R1 2) pas de lignes commençant par O16 Dans le doute je n'ai pas coché celles commençant par R1 au lieu de IE (je suppose que tu vas me dire de le faire, mais j'avais peur de faire des bêtises ) 3) voici le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:21:27, on 10/02/2010 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16982) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Windows\VM_STI.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\ServoApp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 6732 bytes | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Mer 10 Fév 2010 - 22:32 | |
| ah aussi je n'ai pas trouvé la ligne 03 HKCU\.\Toolbar\WebBrowser (&Windows Live Toolbar) (je ne recopie pas les chiffres...) ni O4 HKLM\Run [] File not found voilà, c'est tout pour ce soir... dodo maintenant pour ma part !! | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Jeu 11 Fév 2010 - 7:26 | |
| Bonjour Ouvre hijackthis et coche les lignes suivantes : R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) Fermes toutes les applications y compris ton navigateur internet : Clique sur le bouton fix checked Via le panneau de configuration, programmes et fonctionnalités Désinstalle si tu le trouves le programme Navilog1. Si tu ne le trouves pas : Supprime le dossier Navilog1 : C:\Program Files\Navilog1 Supprime également les fichiers : C:\cleannavi.txt et C:\fixnavilog.txt ensuite je vais essayer un truc pour RSIT. RSITTélécharge random's system information tool (RSIT) par random/random et sauvegarde le sur ton Bureau * Fais un clic droit sur RSIT.exe et rends toi dans l'onglet compatibilité, choisis Mode xp, valide. * Refais un clic droit sur RSIT.exe et execute le "En tant qu'administrateur" * Double-clic sur RSIT.exe pour l'exécuter. * Clique sur le bouton "Continue" sur la fenêtre d'avertissement. * Une fois le scan terminé, tu auras deux rapports qui seront ouverts : log.txt et info.txt (c:\rsit) * Poste les dans ta prochaine réponse
Note : un rapport hijackthis est contenu dans le rapport log.txtSi tes rapports sont trop long utilise ce site : http://www.miraclesalad.com/webtools/clip.php Copie/coller ton rapport et clique sur le lien IP ADRESSE copie coller ton IP dans la zone adéquate puis clique sur le bouton Paste to new clipboardDonne le lien dans ta prochaine réponse. Il est de type : http://www.miraclesalad.com/webtools/clip.php?clip=XXXX ou xxxx est un numéro. Si ça ne fonctionne pas, refais un scan OTL en cliquant sur Quick Scan. Comment va ton PC avec cette optimisation ? | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Jeu 11 Fév 2010 - 7:53 | |
| Bonjour Je réponds d'abord à ta dernière question : mon PC va BEAUCOUP mieux depuis ce que tu m'as fait faire. Il est beaucoup + rapide à l'ouverture & à la fermeture, et aussi en service !
Donc déjà MERCI !
La suite pour ce soir...je n'ai guère de temps le matin.
2 questions toutefois : 1) tu me dis (à chaque téléchargement) : télécharge (tel programme) et sauvegarde-le sur ton bureau. C'est quoi "sauvegarder sur le bureau" ? je ne sais pas faire ça. Du coup j'ai toujours du mal à retrouver ce que j'ai téléchargé... 2) pourquoi est-ce que j'ai tous ces programmes inutiles qui me ralentissent ? c'est moi qui les ai mis ? d'où sortent-ils ?
Bonne journée Laddy ! | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Jeu 11 Fév 2010 - 8:12 | |
| A ce soir, pas de problème, ma réponse suivant l'heure sera le lendemain 1. Quand tu télécharges un programme, il est surement téléchargé dans un dossier dédié : exemple : C:\Users\langiaux\Documents\Mes fichiers reçus\mp-f173113764244\HiJackThis.exe Or lors de nos procédures nous demandons à ce que les outils soient mis sur ton bureau. Dans tu te rends dans ton dossier de téléchargement, tu fais un clic droit sur l'outil puis tu choisis couper, tu te rends sur ton bureau et tu le colles clic droit coller. 2. Les services et programmes inutiles : Certains sont livrés avec les PC de marque. Lorsque tu installes un logiciel il est doté d'une certaine configuration, comme par exemple, regarder si une mise à jour est disponible automatiquement. Or parfois il n'est pas nécessaire d'avoir des services toujours activés, il suffit de se tenir un peu ou courant. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 12 Fév 2010 - 10:19 | |
| Bonjour Laddy Voici le nouveau rapport HiJackThis après suppression des lignes R0 et R23 demandées. (pas eu la force de le faire hier soir, j'ai un gros rhume et je suis crevée...heureusement je ne travaille pas aujourd'hui je peux me reposer ! reprise du boulot demain, mais aujourd'hui j'ai le temps de m'occuper de mon ordi). Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:14:40, on 12/02/2010 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16982) Boot mode: Normal
Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\VM_STI.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\ServoApp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\langiaux\Documents\Mes fichiers reçus\mp-f173113764244\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wibeez.com/meteo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=PRESARIO&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Server Application] C:\Windows\system32\ServoApp.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
-- End of file - 5742 bytes | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 12 Fév 2010 - 10:23 | |
| Ah zut je crois que ce n'est pas tout à fait ça qu'il fallait faire : je viens de voir que le rapport HIJack serait compris dans le rapport RSIT. Mais comme je ne suis pas très habile avec l'informatique, j'ai pris tes instructions une par une : j'ai commencé par les lignes à cocher dans Hijack, maintenant je vais supprimer Navilog dans Pg et Fct, et je vais ensuite passer à RSIT. J'espère que cela ira quand même, désolée | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 12 Fév 2010 - 10:27 | |
| Je n'ai pas navilog dans Programmes et fonctionnalités (je vais faire l'autre manip) par contre je trouve " Symantec Technical Support Web Controls" : je le laisse celui-là ??
Désolée pour mes questions sans fin... | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 12 Fév 2010 - 10:37 | |
| encore moi : j'ai supprimé navilog + cleannavi + fixnavilog, ils sont juste partis dans la corbeille : ça suffit ? | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Ven 12 Fév 2010 - 10:54 | |
| problème avec RSIT : AutoIt Error : Line -1 : Error : Subscript used with non-Array variable.
que faire ??? | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 9:23 | |
| Hmmm malheureusement je ne sais pas si je peux réparer cette erreur comme sous windows xp : http://www.commentcamarche.net/faq/25150-rsit-autoit-error
Pour finir :
Télécharge SecuScan de Laddy & Batch_Man sur ton bureau
Sous Windows Vista: Fais un clique droit dessus SecuScan.bat et clique sur Exécuter en tant qu'administrateur
Sous Windows XP: Double clique sur SecuScan.bat
Choisis l'option 1 puis attends, le programme va te demander d'appuyer sur une touche quand il aura fini, fais le un
rapport va s'ouvrir, poste-le.
S'il ne s'ouvre pas, il est placé dans ton disque dur ( C:\ normalement ) au nom de SecuScan.txt | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 11:03 | |
| hello Laddy ça ne marche pas pour RSIT (c'est où "exécuter" sur Vista ?? je l'ai tapé dans "rechercher", ce n'est peut-être pas ça). Je fais Seruscan , je te le poste. Bonne journée. | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 11:05 | |
| Laisse pour Rsit fais secuscan | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 11:11 | |
| SecuScan v.2.02 par Batch_Man & Laddy Début a 11:08 le 15/02/2010 Système d'exploitation: Windows Vista (TM) Home Premium langiaux : Compte administrateur Processeur : Intel(R) Celeron(R) M CPU 520 @ 1.60GHz Mode de boot: Normal Lancé de C:\Users\langiaux\Desktop\SecuScan.bat Choix 1 [SecuList] +-----------[Versions programmes connus] Java : 1.6.0_13 Acrobat Reader : 9.0 Mozilla Firefox : 3.5.7 (fr) Internet Explorer : 7.0.6000.16982 Flash Player (IE) : 10,0,22,87 Windows Media Player : 11,0,6000,6353 Flash Player (Firefox) : 10.0.32.18 Shockwave Player (IE) : 1151601 ShockwavePlayer (Firefox) : 1151601 +-----------[Logiciels de securité] Kaspersky Online Scanner Avira AntiVir Personal - Free Antivirus Symantec Technical Support Web Controls Malwarebytes' Anti-Malware +-----------[Logiciels de P2P] +-----------[Modification du fichier Hosts] Modifiée: ::1 localhost +-----------[Pare-Feu Windows - ACTIVE] [HKLM\SYSTEM\...\AuthorizedApplications\List] +-----------[Centre de securité - ACTIVE] Le système controle l'antivirus Le système controle le firewall Le système controle les mises a jour +-----------[Autres] Mises à jour automatiques activées La restauration système est activée Attention: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System,EnableLUA = 0x0 - UAC désactivé !!! HKEY_LOCAL_MACHINE\..\Winlogon,Shell=explorer.exe HKEY_LOCAL_MACHINE\..\Winlogon,Userinit=C:\Windows\system32\userinit.exe, +-----------[Autres rapports] [15/02/2010 11:09 - 1708] Choix 1 (SecuList) > C:\SecuScan\SecuScan-2.txt +-----------[Fin a 11:09 le 15/02/2010] | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 11:25 | |
| Tu as deux programmes sujets aux failles de sécurité qui doivent être mis à jour. La machine Java : Mise à jour Machine JAVATa version de Java est complètement obsolète et donc pleine de failles de sécurité qui peuvent être exploitées par les malwares. Javara te permettra de faire la mise à jour et de supprimer les anciennes versions : Télécharge JavaRa.zip de Paul 'Prm753' McLain et Fred de Vries. * Décompresse le fichier sur ton bureau (clic droit > Extraire tout) * Double-clique sur le répertoire JavaRa obtenu * Execute le fichier JavaRa.exe (le exe peut ne pas s'afficher) en faisant un clic droit puis choisir executer en tant qu'administrateur. * Choisis dans le menu déroulante : French * Clique sur Recherche de mise à jour s * Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher * Autorise le processus à se connecter s'il te le demande, clique sur Installer et suis les instructions d'installation. Cela prendra quelques minutes. * Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Effacer les anciennes versions * Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok. * Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse. Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log (c:\JavaRa.log) * Ferme l'application
-Acrobat Reader 9.3 :Mets à jour ta version acrobat reader en allant sur cette page : http://get.adobe.com/fr/reader/ Une fois fait, Dans Ajout/Suppression des programmes tu supprimes toutes les autres versions. Note : La dernière version de firefox est : 3.6 tu peux mettre à jour si tu le désires. Vérifie aussi que flashplayer est à jour, version actuelle : 10.0.45.2 Rends toi sur cette page : http://get.adobe.com/fr/flashplayer/ décoche la case McAfee Security Scan Plus gratuit (en option) Instruction installation : http://www.adobe.com/fr/products/reader/dlm/firefox_steps.html Une installation manuelle pour le plugin est peut etre nécessaire. Télécharger le fichier gp.xpi sur ton bureau. Puis dans firefox : rends toi dans outils puis modules complementaires Dans la fenêtre en bas à gauche, clique sur le bouton Installer ouvre gp.xpi A la seconde fenêtre, clique sur oui, puis installer maintenant Redemarre firefox, un fichier html veut être enregister sur ton bureau, libre à toi de le telecharger ou non (personnellement j'en ai pas besoin) Une fenetre download manager d'adobe sera ouvert et te proposera de mettre à jour flash player. Poste un nouveau rapport secuscan ensuite. | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 12:09 | |
| je ne peux pas télécharger Javara : erreur 403 forbidden | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 12:15 | |
| Lien de javara ; http://downloads.sourceforge.net/project/javara/javara/JavaRa/JavaRa.zip?use_mirror=switch | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 12:36 | |
| Je suis un peu perdue !! désolée ! J'ai téléchargé JavaRa en suivant le lien, mais le clic droit ne me propose pas "extraire tout". Je l'ai ouvert et j'ai 2 fenêtres : 1) MP-F ; AppData ; Local ; Temp; JavaRa.zip avec dedans : gpl-2.0.txt Javara.def Javara.exe
2) MP-F ;Documents ; JavaRa avec dedans : les 3 mêmes choses.
J'ai fait une mauvaise manip ? que dois-je faire de tout cela ?
Par ailleurs j'ai aussi la fenêtre JavaRa 1.15 où j'ai coché "mettre à jour via jucheck.exe, mais quand je fais "rechercher" : rien ne se passe.
MERCI Laddy !!!!!!!!!!! | |
| | | Laddy Admin
Nombre de messages : 7927 Age : 46 Localisation : suisse Date d'inscription : 14/03/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 12:52 | |
| Utilise la méthode manuelle dans ce cas: Pff vista a surement des choses non communes à xp comme l'extraction...
Il faut executer javaRa.exe avec les droits administrateur comme indiqué par un clic droit et autoriser le fichier ds le parefeu
rends toi sur cette page : http://www.java.com/fr/download/ télécharge la mise à jour en cliquant sur le bouton télécharger gratuit java. fais l'installation... Puis rends toi dans la panneau de configuration, programmes et fonctionnalités et désinstaller l'ancienne version de java 6 up 13 | |
| | | mariep17 mégabibou
Nombre de messages : 269 Age : 69 Localisation : charente-maritime Date d'inscription : 02/06/2008
| Sujet: Re: [Résolu]infection ou autre cause ? Lun 15 Fév 2010 - 12:55 | |
| pour le plugin : où je trouve gp.xpi ? (je n'arrive pas à faire la MAJ de Adobe) | |
| | | Contenu sponsorisé
| Sujet: Re: [Résolu]infection ou autre cause ? | |
| |
| | | | [Résolu]infection ou autre cause ? | |
|
Sujets similaires | |
|
| Permission de ce forum: | Vous ne pouvez pas répondre aux sujets dans ce forum
| |
| |
| |
|