Slow PC and very slow internet



Hello,

Download this diagnostic tool.

Download Random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

* Click Continue on the Disclaimer screen.

* If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT downloads it and you accept the license.

* Once the scan is finished, two text files will open:

Post the contents of log.txt (which will be displayed)

as well as info.txt (which will be minimized in the taskbar).

* If these two reports do not appear, you will find them in the C:\rsit folder.

If the reports are too large, post them in several parts.


Here are the requested logs:

 

info.txt logfile of random's system information tool 1.06 2010-03-03 19:24:59

 

======Uninstall list======

 

-->"C:\Program Files (x86)\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}

-->"C:\Program Files (x86)\TOSHIBA Games\Bejeweled 2 Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Cake Mania\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Chicken Invaders 3 - Revenge of the Yolk\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Chuzzle Deluxe\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Diner Dash\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\FATE\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Hot Dish\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Penguins!\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Polar Bowler\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\Uninstall.exe"

-->"C:\Program Files (x86)\TOSHIBA Games\Zuma Deluxe\Uninstall.exe"

-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}

Ad-Aware-->"C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE

Ad-Aware-->C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe

Adobe Flash Player ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 8.2.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A82000000003}

AVG 9.0-->C:\Program Files (x86)\AVG\AVG9\setup.exe /UNINSTALL

Canon Digital Camera Solution Disk 40-46 Guide de démarrage des logiciels-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\SoftwareStarterGuide-DCSD40_46\Uninst.ini"

Canon Guide d'impression personnelle-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Personal Printing Guide\Uninst.ini"

Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\MVWUninst.ini"

Canon PowerShot A1100 IS Guide d'utilisation de l'appareil photo-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraUserGuide-PSA1100IS\Uninst.ini"

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"

Canon Utilities CameraWindow DC-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\CameraWindowDC\Uninst.ini"

Canon Utilities CameraWindow-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"

Canon Utilities MyCamera DC-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\MyCameraDC\Uninst.ini"

Canon Utilities MyCamera-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\MyCamera\Uninst.ini"

Canon Utilities PhotoStitch-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\PhotoStitch\Uninst.ini"

Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"

Canon Utilities ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\Uninst.ini"

Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX MCU\Uninst.ini"

Décorateur Virtuel Xpert : Sico-->"C:\Program Files (x86)\Décorateur Virtuel\Xpert\Data\1036\Sico\unins000.exe"

Décorateur Virtuel Xpert 1.0-->MsiExec.exe /X{8479D8D6-D1FE-45EB-8F8D-A5126D70B467}

DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c

GearDrvs-->MsiExec.exe /I{CB84F0F2-927B-458D-9DC5-87832E3DC653}

Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

HijackThis 2.0.2-->"C:\Program Files (x86)\trend micro\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""

Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}

Jeux WildTangent-->"C:\Program Files (x86)\TOSHIBA Games\Uninstall.exe"

Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}

Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

OnlinePlay 1.0-->C:\Program Files (x86)\OnlinePlay\uninst.exe

Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0c0c -removeonly

Realtek High Definition Audio Driver-->RtlUpd64.exe -r -m -nrg2709

Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly

Realtek WiFi Protected Setup Library-->C:\Program Files (x86)\InstallShield Installation Information\{02CA24DD-C8B0-4280-BE53-7862869C2EB1}\Install.exe -uninst -l0xC0C

Realtek WLAN driver-->C:\Program Files (x86)\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0xC0C

Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files (x86)\InstallShield Installation Information\{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}\setup.exe -runfromtemp -l0x040c -removeonly

Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb

Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

TOSHIBA Assist-->C:\Program Files (x86)\InstallShield Installation Information\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}\setup.exe -runfromtemp -l0x040c -removeonly

TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}

TOSHIBA DVD PLAYER-->C:\Program Files (x86)\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x040c -ADDREMOVE -removeonly

TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files (x86)\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c

TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2883F6F5-0509-43F3-868C-D50330DD9DD3}\setup.exe" -l0x40c

Toshiba Registration-->MsiExec.exe /I{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}

TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}\setup.exe" -l0x40c

TOSHIBA Value Added Package-->C:\Program Files (x86)\InstallShield Installation Information\{066CFFF8-12BF-4390-A673-75F95EFF188E}\setup.exe -runfromtemp -l0x040c

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}

Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\SysWOW64\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""

Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}

Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}

Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

 

======Security center information======

 

AV: AVG Anti-Virus

AS: AVG Anti-Virus (disabled)

AS: Windows Defender

 

======System event log======

 

Computer Name: PC-de-Sylvie

Event Code: 4374

Message: Windows Servicing a déterminé que ce package KB967723(Security Update) n’est pas applicable à ce système.

Record Number: 8382

Source Name: Microsoft-Windows-Servicing

Time Written: 20091103142340.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: PC-de-Sylvie

Event Code: 4374

Message: Windows Servicing a déterminé que ce package KB967723(Security Update) n’est pas applicable à ce système.

Record Number: 8381

Source Name: Microsoft-Windows-Servicing

Time Written: 20091103142340.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: PC-de-Sylvie

Event Code: 4374

Message: Windows Servicing a déterminé que ce package KB967723(Security Update) n’est pas applicable à ce système.

Record Number: 8380

Source Name: Microsoft-Windows-Servicing

Time Written: 20091103142340.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: PC-de-Sylvie

Event Code: 4374

Message: Windows Servicing a déterminé que ce package KB967723(Security Update) n’est pas applicable à ce système.

Record Number: 8379

Source Name: Microsoft-Windows-Servicing

Time Written: 20091103142340.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: PC-de-Sylvie

Event Code: 4374

Message: Windows Servicing a déterminé que ce package KB967723(Security Update) n’est pas applicable à ce système.

Record Number: 8378

Source Name: Microsoft-Windows-Servicing

Time Written: 20091103142340.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

=====Application event log=====

 

Computer Name: PC-de-Sylvie

Event Code: 10

Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Record Number: 521

Source Name: Microsoft-Windows-WMI

Time Written: 20091025065541.000000-000

Event Type: Erreur

User:

 

Computer Name: PC-de-Sylvie

Event Code: 1530

Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

 

DÉTAIL -

1 user registry handles leaked from \Registry\User\S-1-5-21-991266276-1676932527-3233634144-1000:

Process 524 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-991266276-1676932527-3233634144-1000

 

Record Number: 504

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20091025065315.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: PC-de-Sylvie

Event Code: 3013

Message: Impossible de mettre à jour l'entrée <C:\USERS\SYLVIE\SEARCHES\DESKTOP.INI> dans la configuration de hachage.

 

Contexte : Application , Catalogue SystemIndex

 

Détails :

Un périphérique attaché au système ne fonctionne pas correctement. (0x8007001f)

 

Record Number: 486

Source Name: Microsoft-Windows-Search

Time Written: 20091025064025.000000-000

Event Type: Erreur

User:

 

Computer Name: WIN-APQKGGW2BDH

Event Code: 1008

Message: Le service Windows Search tente de supprimer l’ancien catalogue.

 

Record Number: 452

Source Name: Microsoft-Windows-Search

Time Written: 20091025063038.000000-000

Event Type: Avertissement

User:

 

Computer Name: WIN-APQKGGW2BDH

Event Code: 6001

Message: Échec de l’abonné aux notifications Winlogon <GPClient> lors d’un événement de notification.

Record Number: 438

Source Name: Microsoft-Windows-Winlogon

Time Written: 20081201145325.000000-000

Event Type: Avertissement

User:

 

=====Security event log=====

 

Computer Name: WIN-APQKGGW2BDH

Event Code: 4648

Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : WIN-APQKGGW2BDH$

Domaine du compte : WORKGROUP

ID d’ouverture de session : 0x3e7

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

 

Compte dont les informations d’identification ont été utilisées :

Nom du compte : SYSTEM

Domaine du compte : AUTORITE NT

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

 

Serveur cible :

Nom du serveur cible : localhost

Informations supplémentaires : localhost

 

Informations sur le processus :

ID du processus : 0x230

Nom du processus : C:\Windows\System32\services.exe

 

Informations sur le réseau :

Adresse du réseau : -

Port : -

 

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.

Record Number: 952

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081201145210.356256-000

Event Type: Succès de l'audit

User:

 

Computer Name: WIN-APQKGGW2BDH

Event Code: 4672

Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : SYSTEM

Domaine du compte : AUTORITE NT

ID d’ouverture de session : 0x3e7

 

Privilèges : SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 951

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081201145210.200256-000

Event Type: Succès de l'audit

User:

 

Computer Name: WIN-APQKGGW2BDH

Event Code: 4624

Message: L’ouverture de session d’un compte s’est correctement déroulée.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : WIN-APQKGGW2BDH$

Domaine du compte : WORKGROUP

ID d’ouverture de session : 0x3e7

 

Type d’ouverture de session : 5

 

Nouvelle ouverture de session :

ID de sécurité : S-1-5-18

Nom du compte : SYSTEM

Domaine du compte : AUTORITE NT

ID d’ouverture de session : 0x3e7

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

 

Informations sur le processus :

ID du processus : 0x230

Nom du processus : C:\Windows\System32\services.exe

 

Informations sur le réseau :

Nom de la station de travail :

Adresse du réseau source : -

Port source : -

 

Informations détaillées sur l’authentification :

Processus d’ouverture de session : Advapi

Package d’authentification : Negotiate

Services en transit : -

Nom du package (NTLM uniquement) : -

Longueur de la clé : 0

 

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

 

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

 

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

 

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

 

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

 

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.

- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .

- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.

- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.

- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.

Record Number: 950

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081201145210.200256-000

Event Type: Succès de l'audit

User:

 

Computer Name: WIN-APQKGGW2BDH

Event Code: 4648

Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : WIN-APQKGGW2BDH$

Domaine du compte : WORKGROUP

ID d’ouverture de session : 0x3e7

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

 

Compte dont les informations d’identification ont été utilisées :

Nom du compte : SYSTEM

Domaine du compte : AUTORITE NT

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

 

Serveur cible :

Nom du serveur cible : localhost

Informations supplémentaires : localhost

 

Informations sur le processus :

ID du processus : 0x230

Nom du processus : C:\Windows\System32\services.exe

 

Informations sur le réseau :

Adresse du réseau : -

Port : -

 

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.

Record Number: 949

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20081201145210.200256-000

Event Type: Succès de l'audit

User:

 

Computer Name: WIN-APQKGGW2BDH

Event Code: 1102

Message: Le journal d’audit a été effacé.

Objet :

ID de sécurité : S-1-5-21-1018091508-31726243-3460344523-500

Nom de compte : Administrator

Nom de domaine : WIN-APQKGGW2BDH

ID de connexion : 0x3b205

Record Number: 948

Source Name: Microsoft-Windows-Eventlog

Time Written: 20081201145203.804256-000

Event Type: Succès de l'audit

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~2\COMMON~1\ULEADS~1\MPEG

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"NUMBER_OF_PROCESSORS"=1

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat

"DFSTRACINGON"=FALSE

"configsetroot"=%SystemRoot%\ConfigSetRoot

 

-----------------EOF-----------------

 

 

 

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Sylvie at 2010-03-03 19:35:56

Microsoft® Windows Vista Édition Familiale Premium Service Pack 2

System drive C: has 162 GB (74%) free of 219 GB

Total RAM: 2939 MB (51% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:36:44, on 2010-03-03

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

 

Running processes:

C:\Program Files\ltmoh\ltmoh.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Java\jre1.6.0_06\bin\jusched.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\AVG\AVG9\avgtray.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil9e.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Sylvie\Desktop\RSIT.exe

C:\Program Files (x86)\trend micro\Sylvie.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe

O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

O23 - Service: ConfigFree Gadget Service - TOSHIBA Corporation. - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 9421 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\User_Feed_Synchronization-{36DBC0A6-9B44-44F2-9953-3F90673CF468}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll [2009-12-21 1484056]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-02 812528]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-02 279664]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]

"NDSTray.exe"=NDSTray.exe []

"cfFncEnabler.exe"=cfFncEnabler.exe []

"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2009-12-22 2033432]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-05-19 432640]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 138240]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-25 68856]

"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=

"ForceActiveDesktopOn"=

"BindDirectlyToPropertySetStorage"=

"NoActiveDesktopChanges"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1

.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-03-03 19:23:46 ----D---- C:\Program Files (x86)\trend micro

2010-03-03 19:23:45 ----D---- C:\rsit

2010-03-03 16:34:06 ----D---- C:\Users\Sylvie\AppData\Roaming\Malwarebytes

2010-03-03 16:33:57 ----D---- C:\ProgramData\Malwarebytes

2010-03-03 16:33:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2010-03-03 11:49:00 ----D---- C:\ProgramData\Lavasoft

2010-03-03 11:49:00 ----D---- C:\Program Files (x86)\Lavasoft

2010-03-03 11:23:10 ----A---- C:\Windows\system32\occache.dll

2010-03-03 11:23:09 ----A---- C:\Windows\system32\jsproxy.dll

2010-03-03 11:23:09 ----A---- C:\Windows\system32\iepeers.dll

2010-03-03 11:23:08 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-03-03 11:23:08 ----A---- C:\Windows\system32\msfeeds.dll

2010-03-03 11:23:07 ----A---- C:\Windows\system32\ieui.dll

2010-03-03 11:23:07 ----A---- C:\Windows\system32\iernonce.dll

2010-03-03 11:23:06 ----A---- C:\Windows\system32\wininet.dll

2010-03-03 11:23:06 ----A---- C:\Windows\system32\iesetup.dll

2010-03-03 11:23:05 ----A---- C:\Windows\system32\iedkcs32.dll

2010-03-03 11:23:04 ----A---- C:\Windows\system32\urlmon.dll

2010-03-03 11:23:04 ----A---- C:\Windows\system32\msfeedssync.exe

2010-03-03 11:23:04 ----A---- C:\Windows\system32\iertutil.dll

2010-03-03 11:23:04 ----A---- C:\Windows\system32\ie4uinit.exe

2010-03-03 11:23:00 ----A---- C:\Windows\system32\ieframe.dll

2010-03-03 11:22:58 ----A---- C:\Windows\system32\mshtml.dll

2010-03-03 11:22:55 ----A---- C:\Windows\system32\ieUnatt.exe

2010-03-03 11:22:55 ----A---- C:\Windows\system32\iesysprep.dll

2010-03-03 11:18:12 ----A---- C:\Windows\system32\ieakeng.dll

2010-03-03 11:18:12 ----A---- C:\Windows\system32\icardie.dll

2010-03-03 11:18:12 ----A---- C:\Windows\system32\corpol.dll

2010-03-03 11:18:12 ----A---- C:\Windows\system32\advpack.dll

2010-03-03 11:18:12 ----A---- C:\Windows\system32\admparse.dll

2010-03-03 11:18:09 ----A---- C:\Windows\system32\wextract.exe

2010-03-03 11:18:09 ----A---- C:\Windows\system32\msls31.dll

2010-03-03 11:18:08 ----A---- C:\Windows\system32\pngfilt.dll

2010-03-03 11:18:08 ----A---- C:\Windows\system32\ieapfltr.dll

2010-03-03 11:18:06 ----A---- C:\Windows\system32\imgutil.dll

2010-03-03 11:18:06 ----A---- C:\Windows\system32\dxtrans.dll

2010-03-03 11:18:06 ----A---- C:\Windows\system32\dxtmsft.dll

2010-03-03 11:18:05 ----A---- C:\Windows\system32\mstime.dll

2010-03-03 11:18:04 ----A---- C:\Windows\system32\webcheck.dll

2010-03-03 11:18:04 ----A---- C:\Windows\system32\mshtmled.dll

2010-03-03 11:18:04 ----A---- C:\Windows\system32\licmgr10.dll

2010-03-03 11:18:04 ----A---- C:\Windows\system32\inseng.dll

2010-03-03 11:18:03 ----A---- C:\Windows\system32\msrating.dll

2010-03-03 11:18:03 ----A---- C:\Windows\system32\ieakui.dll

2010-03-03 11:18:03 ----A---- C:\Windows\system32\ieaksie.dll

2010-03-03 11:18:02 ----A---- C:\Windows\system32\WinFXDocObj.exe

2010-03-03 11:18:02 ----A---- C:\Windows\system32\vbscript.dll

2010-03-03 11:18:01 ----A---- C:\Windows\system32\url.dll

2010-03-03 11:18:01 ----A---- C:\Windows\system32\mshtmler.dll

2010-03-03 11:18:01 ----A---- C:\Windows\system32\jscript.dll

2010-03-03 11:17:59 ----A---- C:\Windows\system32\mshta.exe

2010-03-03 11:17:59 ----A---- C:\Windows\system32\iexpress.exe

2010-03-03 11:17:58 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2010-03-03 11:17:58 ----A---- C:\Windows\system32\SetDepNx.exe

2010-03-03 11:17:58 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2010-03-03 11:17:58 ----A---- C:\Windows\system32\PDMSetup.exe

2010-03-03 11:11:07 ----HDC---- C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}

2010-02-26 18:41:45 ----D---- C:\eb589d538ab8c58f178927e6

2010-02-24 19:50:00 ----A---- C:\Windows\system32\quartz.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\tsbyuv.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\msyuv.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\msvidc32.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\msvfw32.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\msrle32.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\mciavi32.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\iyuv_32.dll

2010-02-24 19:49:59 ----A---- C:\Windows\system32\avifil32.dll

2010-02-24 19:49:47 ----A---- C:\Windows\system32\tzres.dll

2010-02-24 19:49:02 ----A---- C:\Windows\system32\secproc_isv.dll

2010-02-24 19:49:01 ----A---- C:\Windows\system32\secproc.dll

2010-02-24 19:48:48 ----A---- C:\Windows\system32\RMActivate_isv.exe

2010-02-24 19:48:47 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2010-02-24 19:48:47 ----A---- C:\Windows\system32\secproc_ssp.dll

2010-02-24 19:48:47 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2010-02-24 19:48:47 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2010-02-24 19:48:47 ----A---- C:\Windows\system32\RMActivate.exe

2010-02-24 19:48:47 ----A---- C:\Windows\system32\msdrm.dll

2010-02-24 19:48:13 ----A---- C:\Windows\system32\gameux.dll

2010-02-24 19:48:12 ----A---- C:\Windows\system32\Apphlpdm.dll

2010-02-24 19:48:11 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

 

======List of files/folders modified in the last 1 months======

 

2010-03-03 19:35:53 ----D---- C:\Windows\Temp

2010-03-03 19:23:46 ----RD---- C:\Program Files (x86)

2010-03-03 18:53:23 ----D---- C:\Windows\System32

2010-03-03 18:53:22 ----D---- C:\Windows\inf

2010-03-03 16:34:00 ----D---- C:\Windows\system32\drivers

2010-03-03 16:33:57 ----HD---- C:\ProgramData

2010-03-03 16:03:09 ----D---- C:\Windows\tracing

2010-03-03 12:19:15 ----D---- C:\Windows\rescache

2010-03-03 11:49:41 ----D---- C:\Windows\winsxs

2010-03-03 11:49:39 ----SHD---- C:\Windows\Installer

2010-03-03 11:43:27 ----D---- C:\ProgramData\AVG Security Toolbar

2010-03-03 11:35:11 ----D---- C:\Program Files (x86)\Internet Explorer

2010-03-03 11:35:10 ----D---- C:\Windows\SysWOW64

2010-03-03 11:35:10 ----D---- C:\Windows\system32\migration

2010-03-03 11:35:06 ----D---- C:\Windows\system32\fr-FR

2010-03-03 11:35:00 ----D---- C:\Windows\system32\en-US

2010-03-03 11:34:54 ----D---- C:\Windows\PolicyDefinitions

2010-03-03 11:34:46 ----D---- C:\Windows

2010-03-03 11:17:42 ----SHD---- C:\System Volume Information

2010-03-03 10:35:51 ----SD---- C:\ProgramData\Microsoft

2010-02-26 19:06:28 ----D---- C:\Program Files (x86)\Windows Mail

2010-02-26 19:06:09 ----RSD---- C:\Windows\Fonts

2010-02-26 19:06:08 ----D---- C:\Windows\AppPatch

2010-02-24 19:31:26 ----D---- C:\Windows\Prefetch

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AvgLdx64;AVG AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys []

R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys []

R1 AvgTdiA;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdia.sys []

R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys []

R3 AgereSoftModem;TOSHIBA Software Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []

R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys []

R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys []

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []

R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B; C:\Windows\system32\DRIVERS\RTL8187B.sys []

R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR64.SYS []

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []

R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []

S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys []

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agr64svc.exe []

R2 avg9emc;AVG E-mail Scanner; C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2009-11-03 906520]

R2 avg9wd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2009-12-21 285392]

R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2008-04-03 36864]

R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1229232]

R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]

R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe []

R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 434016]

R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 175104]

R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-29 89920]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]

S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2008-05-28 164600]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-03 182768]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]

 

-----------------EOF-----------------

 

 

 

 

Thank you very much in advance

Mario


Good evening,

RSIT doesn't handle 64-bit; I should have asked you beforehand which OS you are using.

Download ZHPDiag by Coolman.

It requires no installation.

- It can be run from any disk drive.

- It can be run from a USB stick.

 


Click the screwdriver.

In the window that opens, check everything.

Click the magnifying glass to start the scan.

After a while, you may have to accept Sysinternal -> I agree.

Post the report that appears when you click the camera.


Hello, here is the requested report:

 

Rapport de ZHPDiag v1.25.1282 par Nicolas Coolman

Run by Sylvie at 2010-03-04 13:26:31

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18882

 

---\\ System Information

Platform : Windows Vista Home Premium (6.0.6002)

Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2939 MB (43% free)

System drive C: has 157 GB (73%) free of 214 GB

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 157 Go of 214 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 8 Go of 8 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

---\\ Processus lancés

[MD5.E8C086DA635EB410FEF106CB279ADFBF] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.6.0_06\bin\jusched.exe

[MD5.72A7A352072EB6EC4953F9F580463B0D] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\PROGRA~2\AVG\AVG9\avgtray.exe

[MD5.07B9233D1B5554A7F3F05AA36755A8E9] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe

[MD5.73BB442A717B9BB0097C243374C14A3E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.8CA340A0929B4595BF7A75E45CF90F84] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

[MD5.8B9DDDC3127C4B7ECA262E61B576921E] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

[MD5.65437DAD4F238EA9549408A783002222] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[MD5.B4149234E67DF5333BF826C14F283DD6] - (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=explorer.exe

 

 

---\\ Pages de démarrage d'Internet Explorer (R0)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} . (.Pas de propriétaire - AVG Security Toolbar.) (3.011.025.005) -- C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

R3 - URLSearchHook: AVG Security Toolbar BHO - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pas de propriétaire - Pas de description.) (No version) -- (.not file.)

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files (x86)\AVG\AVG9\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (.Pas de propriétaire - AVG Security Toolbar.) -- C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

 

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.6.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [AVG9_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\PROGRA~2\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\RunOnce: [uniblueRegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} . (.not file.) - (.not file.)

O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~2\MICROS~2\Office12\REFBARH.ICO

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files (x86)\AVG\AVG9\avgpp.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\SysWOW64\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{36DBC0A6-9B44-44F2-9953-3F90673CF468}.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.6.0_06\bin\regutils.dll

O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r115.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash9e.ocx

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: AVG 9.0 - (.AVG Technologies.)

O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.)

O42 - Logiciel: Ad-Aware - (.Lavasoft.)

O42 - Logiciel: Ad-Aware Email Scanner for Outlook - (.Lavasoft.)

O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.)

O42 - Logiciel: Adobe Reader 8.2.0 - Français - (.Adobe Systems Incorporated.)

O42 - Logiciel: Canon Digital Camera Solution Disk 40-46 Guide de démarrage des logiciels - (.Canon Inc..)

O42 - Logiciel: Canon Guide d'impression personnelle - (.Canon Inc..)

O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Canon Inc..)

O42 - Logiciel: Canon PowerShot A1100 IS Guide d'utilisation de l'appareil photo - (.Canon Inc..)

O42 - Logiciel: Canon Utilities CameraWindow - (.Canon Inc..)

O42 - Logiciel: Canon Utilities CameraWindow DC - (.Canon Inc..)

O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Canon Inc..)

O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..)

O42 - Logiciel: Canon Utilities MyCamera DC - (.Canon Inc..)

O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..)

O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Canon Inc..)

O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..)

O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..)

O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..)

O42 - Logiciel: Décorateur Virtuel Xpert 1.0 - (.Nexun Media.)

O42 - Logiciel: Décorateur Virtuel Xpert : Sico - (.Nexun Media.)

O42 - Logiciel: GearDrvs - (.GEAR Software.)

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..)

O42 - Logiciel: Google Update Helper - (.Google Inc..)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.)

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.)

O42 - Logiciel: Java 6 Update 6 - (.Sun Microsystems, Inc..)

O42 - Logiciel: Jeux WildTangent - (.WildTangent.)

O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.)

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.)

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.)

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.)

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.)

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.)

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.)

O42 - Logiciel: OnlinePlay 1.0 - (.AOL LLC.)

O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.)

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..)

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..)

O42 - Logiciel: Realtek WLAN driver - (.REALTEK Semiconductor Corp..)

O42 - Logiciel: Realtek WiFi Protected Setup Library - (.REALTEK Semiconductor Corp..)

O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.)

O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.)

O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8 - (.Adobe Systems.)

O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.)

O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.)

O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.)

O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Pas de propriétaire.)

O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.)

O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.)

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.)

O42 - Logiciel: Toshiba Registration - (.Datalode Inc..)

O42 - Logiciel: Uniblue RegistryBooster 2010 - (.Uniblue Systems Ltd.)

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.)

O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.)

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.)

O42 - Logiciel: Visual C++ 8.0 Runtime Setup Package (x64) - (.AVG Technologies CZ, s.r.o..)

O42 - Logiciel: Visual C++ 8.0 Runtime Setup Package (x64) - (.GRISOFT, s.r.o..)

O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.)

O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.)

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\AVG

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Canon

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Décorateur Virtuel

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Google

O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Intel

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\InterVideo

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Java

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Lavasoft

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\OnlinePlay

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Realtek WLAN driver

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\TOSHIBA

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\TOSHIBA Games

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Toshiba Registration

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\trend micro

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Ulead Systems

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Uniblue

O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Media Components

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Canon

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Toshiba Shared

O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Ulead Systems

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.C880FD19784292F45D2D20859F6A98E8] - 2010-02-05 - 04:03:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\lsdelete.exe

O44 - LFC:[MD5.8272C88E0567816882D40803571A6E2F] - 2010-02-24 - 19:48:11 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll

O44 - LFC:[MD5.8272C88E0567816882D40803571A6E2F] - 2010-02-24 - 19:48:11 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\System32\GameUXLegacyGDFs.dll

O44 - LFC:[MD5.86DC2FAC9A18B9C29719879EF9DF032F] - 2010-02-26 - 19:07:33 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log

O44 - LFC:[MD5.174B6668B42EF98E70BD64980EC7706C] - 2010-02-26 - 19:08:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT

O44 - LFC:[MD5.F7CB4ED1D59D69E2382EA277D430DD41] - 2010-03-03 - 11:23:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\ieuinit.inf

O44 - LFC:[MD5.F7CB4ED1D59D69E2382EA277D430DD41] - 2010-03-03 - 11:23:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ieuinit.inf

O44 - LFC:[MD5.4D55F8A3A34C205FB6D4759C356221CF] - 2010-03-03 - 11:32:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log

O44 - LFC:[MD5.C05C9E3D61D059601AC212D24B98990C] - 2010-03-03 - 18:46:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\aaw7boot.log

O44 - LFC:[MD5.841FAC1D3D3F31077862B2C07DE4C9BE] - 2010-03-03 - 22:09:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI

O44 - LFC:[MD5.E7FD93FD694E20B74A7D729BB94BA0EF] - 2010-03-03 - 22:09:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat

O44 - LFC:[MD5.D29BCA7C95D6256AA54FDEBECD0A4DC5] - 2010-03-03 - 22:09:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat

O44 - LFC:[MD5.B735BFE186AB69C79515E3AA8E230A60] - 2010-03-03 - 22:09:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat

O44 - LFC:[MD5.9DE9E5CD76589B259FEB6258223B42DA] - 2010-03-03 - 22:09:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat

O44 - LFC:[MD5.25DBD0926995DF43A74F954654E0B59B] - 2010-03-04 - 13:24:23 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat

O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-03-04 - 13:24:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~2\COMMON~1\ULEADS~1\vio\dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\Policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktopChanges"=0

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 2008-01-20 - 21:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.7D05A75E3066861A6610F7EE04FF085C] - 2008-01-20 - 21:46:54 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.820A201FE08A0C345B3BEDBC30E1A77C] - 2008-01-20 - 21:46:54 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (X64).) -- C:\Windows\system32\drivers\adpu160m.sys

O58 - SDL:[MD5.9B4AB6854559DC168FBB4C24FC52E794] - 2008-01-20 - 21:47:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.3627A62B10284FFBF862BFD49928EDF4] - 2008-02-29 - 01:59:32 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\agrsm64.sys

O58 - SDL:[MD5.157D0898D4B73F075CE9FA26B482DF98] - 2008-01-20 - 21:46:50 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys

O58 - SDL:[MD5.BA8417D4765F3988FF921F30F630E303] - 2008-01-20 - 21:46:52 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.9D41C435619733B34CC16A511E644B11] - 2008-01-20 - 21:47:00 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.71511FA7CDFCC4BF9C2BF336612C0409] - 2009-12-21 - 14:01:03 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\Windows\system32\drivers\avgldx64.sys

O58 - SDL:[MD5.EEAD1405AC37BA2EE70374EC5973E7F5] - 2009-11-03 - 12:04:59 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\Windows\system32\drivers\avgmfx64.sys

O58 - SDL:[MD5.6024A5B7394B2387A91144C6175642D4] - 2009-11-03 - 12:04:46 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\Windows\system32\drivers\avgrkx64.sys

O58 - SDL:[MD5.3C5A6D28667DEF9FE7171C278BAEBDAF] - 2009-12-21 - 14:01:16 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\Windows\system32\drivers\avgtdia.sys

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 2006-09-18 - 16:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 2006-09-18 - 16:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.F0F0BA4D815BE446AA6A4583CA3BCA9B] - 2006-11-02 - 03:43:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 2006-09-18 - 16:30:18 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 2006-09-18 - 16:30:18 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 2006-09-19 - 06:42:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.E5D5499A1C50A54B5161296B6AFE6192] - 2008-01-20 - 21:46:50 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys

O58 - SDL:[MD5.222CB641B4B8A1D1126F8033F9FD6A00] - 2006-11-02 - 06:50:06 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 2008-01-20 - 21:46:56 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G6032E.sys

O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 2008-01-20 - 21:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.6D06B5EEBBA23C16789EFC820EE1F253] - 2006-11-19 - 21:11:06 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys

O58 - SDL:[MD5.CB121F1009623E83EBCC2C4DCEF6D3FE] - 2008-04-17 - 14:12:54 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys

O58 - SDL:[MD5.D7109A1E6BD2DFDBCBA72A6BC626A13B] - 2008-01-20 - 21:46:59 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys

O58 - SDL:[MD5.8D58627FEF3F8767665D9F4DC91CBD97] - 2008-04-15 - 16:54:16 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys

O58 - SDL:[MD5.3E3BF3627D886736D0B4E90054F929F6] - 2008-01-20 - 21:46:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.663E7364F650A915D415EEB2DA98D86A] - 2008-06-12 - 05:51:36 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys

O58 - SDL:[MD5.8C3951AD2FE886EF76C7B5027C3125D3] - 2006-11-02 - 07:02:39 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 2006-11-02 - 07:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys

O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 2006-11-02 - 07:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys

O58 - SDL:[MD5.A352CDB69AF6E18D60C0001D540D8478] - 2010-02-05 - 04:03:37 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys

O58 - SDL:[MD5.ACBE1AF32D3123E330A07BFBC5EC4A9B] - 2008-01-20 - 21:46:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.799FFB2FC4729FA46D2157C0065B3525] - 2008-01-20 - 21:46:56 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.F445FF1DAAD8A226366BFAF42551226B] - 2008-01-20 - 21:47:01 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.989D47E8BD1D7539EB3976D3902E223E] - 2010-01-07 - 16:07:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys

O58 - SDL:[MD5.5C5CD6AACED32FB26C3FB34B3DCF972F] - 2008-01-20 - 21:46:59 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.859BC2436B076C77C159ED694ACFE8F8] - 2008-01-20 - 21:46:56 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys

O58 - SDL:[MD5.3C200630A89EF2C0864D515B7A75802E] - 2006-11-02 - 07:02:24 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys

O58 - SDL:[MD5.4AC08BD6AF2DF42E0C3196D826C8AEA7] - 2006-11-02 - 07:03:03 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.2C040B7ADA5B06F6FACADAC8514AA034] - 2008-01-20 - 21:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys

O58 - SDL:[MD5.F7EA0FE82842D05EDA3EFDD376DBFDBA] - 2008-01-20 - 21:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.0B83F4E681062F3839BE2EC1D98FD94A] - 2008-01-20 - 21:46:52 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.E1C80F8D4D1E39EF9595809C1369BF2A] - 2006-11-02 - 06:50:27 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.1835B384D2D66752ED1460E9085230BD] - 2008-04-09 - 04:58:54 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys

O58 - SDL:[MD5.FC8394D5B0F22BC8BA6A082A35905388] - 2008-11-12 - 22:51:38 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\rtl8187B.sys

O58 - SDL:[MD5.FDF4C20B984186D932C39072B7DDB556] - 2008-11-13 - 14:09:28 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\system32\drivers\rtl8187Se.sys

O58 - SDL:[MD5.282FF92E0D15938DECE805C1A0DB01D7] - 2008-12-18 - 03:16:24 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\system32\drivers\rtl819xp.sys

O58 - SDL:[MD5.BFEB9C99AE9AE0C635AC1DC38A2B2F1D] - 2009-11-16 - 03:13:26 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS6 64-bit Driver.) -- C:\Windows\system32\drivers\Rtlh64.sys

O58 - SDL:[MD5.D1664991A07ACF2703D4A4E5BE4B6C80] - 2007-04-23 - 12:15:48 ---A- . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) -- C:\Windows\system32\drivers\RtlProt.sys

O58 - SDL:[MD5.108729909CE285A352A1D1CB96BB1B2E] - 2008-04-02 - 16:27:18 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista x64.) -- C:\Windows\system32\drivers\RTSTOR64.sys

O58 - SDL:[MD5.4019149E4E296072831C8855605D9FDC] - 2010-03-03 - 11:51:28 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 2006-09-29 - 18:51:44 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.3A2F769FAB9582BC720E11EA1DFB184D] - 2008-01-20 - 21:47:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.2F26A2C6FC96B29BEFF5D8ED74E6625B] - 2006-11-02 - 07:02:52 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.A909667976D3BCCD1DF813FED517D837] - 2006-11-02 - 07:02:37 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.36887B56EC2D98B9C362F6AE4DE5B7B0] - 2006-11-02 - 07:02:47 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.D8EDB37F6E235A47E12F1EAFD85C2B6F] - 2008-08-14 - 10:40:44 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys

O58 - SDL:[MD5.D45586A9FACB2C9708B10E491EF748A6] - 2007-12-11 - 13:03:36 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\system32\drivers\tdcmdpst.sys

O58 - SDL:[MD5.DD50A5DF5F7B29FDB6B5FEA728C43DC3] - 2008-07-18 - 17:52:16 ---A- . (.TOSHIBA Corporation - tos_sps2.) -- C:\Windows\system32\drivers\tos_sps64.sys

O58 - SDL:[MD5.9A744CC3D804EC38A6C2C65BC3C6FCD8] - 2007-11-09 - 13:00:30 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS

O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 2008-01-20 - 21:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys

O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 2006-11-02 - 06:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys

O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 2008-01-20 - 21:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\system32\drivers\ulsata2.sys

O58 - SDL:[MD5.8294B6C3FDB6C33F24E150DE647ECDAA] - 2008-01-20 - 21:46:50 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys

O58 - SDL:[MD5.A68F455ED2673835209318DD61BFBB0E] - 2008-01-20 - 21:47:25 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 2010-01-07 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 2010-03-02 - 07:30:23 ---A- C:\Users\Sylvie\AppData\Roaming\Adobe\Acrobat\8.0\AdobeSysFnt08.lst

O61 - LFC:Last File Created 2010-03-02 - 07:30:23 ---A- C:\Users\Sylvie\AppData\Roaming\Adobe\Acrobat\8.0\UserCache.bin

O61 - LFC:Last File Created 2010-03-02 - 07:31:02 ---A- C:\Users\All Users\avg9\update\download\u9iavi2718u2713xk.bin

O61 - LFC:Last File Created 2010-03-02 - 07:31:02 ---A- C:\Users\All Users\avg9\update\download\x8xplsb2_134jq.bin

O61 - LFC:Last File Created 2010-03-02 - 07:31:02 ---A- C:\Users\All Users\avg9\update\download\x8xplsb_126d124jq.bin

O61 - LFC:Last File Created 2010-03-02 - 07:31:02 ---A- C:\Users\All Users\avg9\update\download\x8xplsc_184d182jq.bin

O61 - LFC:Last File Created 2010-03-02 - 07:31:15 ---A- C:\Users\Sylvie\AppData\Roaming\Adobe\Acrobat\8.0\TMDocs.sav

O61 - LFC:Last File Created 2010-03-02 - 07:31:15 ---A- C:\Users\Sylvie\AppData\Roaming\Adobe\Acrobat\8.0\TMGrpPrm.sav

O61 - LFC:Last File Created 2010-03-02 - 07:32:02 ---A- C:\Users\All Users\avg9\update\backup\sb.dat

O61 - LFC:Last File Created 2010-03-02 - 07:32:03 ---A- C:\Users\All Users\avg9\update\backup\sc.dat

O61 - LFC:Last File Created 2010-03-02 - 07:32:19 ---A- C:\Users\All Users\avg9\Log\avgwd.log.2

O61 - LFC:Last File Created 2010-03-02 - 19:16:29 ---A- C:\Users\All Users\avg9\update\download\u9iavi2719u2718qi.bin

O61 - LFC:Last File Created 2010-03-03 - 10:21:33 ---A- C:\Users\All Users\avg9\Temp\14c0124a-8cb7-473e-9ff0-97030ac60fe9-284-oopp.tmp

O61 - LFC:Last File Created 2010-03-03 - 10:35:39 ---A- C:\Users\All Users\avg9\Temp\d3a8c743-3b41-41e8-8287-2d8c6dfe1dfa-6c0-oopp.tmp

O61 - LFC:Last File Created 2010-03-03 - 10:37:05 ---A- C:\Users\All Users\avg9\update\download\u9iavi2720u2719pi.bin

O61 - LFC:Last File Created 2010-03-03 - 10:37:05 ---A- C:\Users\All Users\avg9\update\download\x8xplsb_127d126nr.bin

O61 - LFC:Last File Created 2010-03-03 - 10:37:05 ---A- C:\Users\All Users\avg9\update\download\x8xplsc_185d184nr.bin

O61 - LFC:Last File Created 2010-03-03 - 10:37:52 ---A- C:\Users\All Users\avg9\update\backup\incavi.avm

O61 - LFC:Last File Created 2010-03-03 - 10:38:10 ---A- C:\Users\All Users\avg9\Log\avgwd.log.1

O61 - LFC:Last File Created 2010-03-03 - 10:47:25 ---A- C:\Users\Sylvie\Documents\lavasoft_adawarefree.exe

O61 - LFC:Last File Created 2010-03-03 - 11:10:58 ---A- C:\Users\Sylvie\AppData\Local\Temp\MSIc6d34.LOG

O61 - LFC:Last File Created 2010-03-03 - 11:35:49 ---A- C:\Users\All Users\avg9\Cfg\mail.cfg

O61 - LFC:Last File Created 2010-03-03 - 11:37:00 ---A- C:\Users\All Users\avg9\Temp\2e27bdab-3d25-483d-b4ff-41811aee8aa1-288-oopp.tmp

O61 - LFC:Last File Created 2010-03-03 - 11:43:27 ---A- C:\Users\All Users\AVG Security Toolbar\osd.xml

O61 - LFC:Last File Created 2010-03-03 - 11:44:55 ---A- C:\Users\All Users\avg9\Temp\dcddeb7e-be83-466d-a5f4-d2c96389e848-55c-oopp.tmp

O61 - LFC:Last File Created 2010-03-03 - 11:49:27 ---A- C:\Users\All Users\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.lan

O61 - LFC:Last File Created 2010-03-03 - 11:49:27 ---A- C:\Users\All Users\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.par

O61 - LFC:Last File Created 2010-03-03 - 11:49:27 ---A- C:\Users\All Users\{52AC600B-5800-407E-99FF-83CD0669760B}\instance.dat

O61 - LFC:Last File Created 2010-03-03 - 11:50:24 ---A- C:\Users\Sylvie\AppData\Local\Temp\info.txt

O61 - LFC:Last File Created 2010-03-03 - 11:50:27 ---A- C:\Users\All Users\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.dat

O61 - LFC:Last File Created 2010-03-03 - 11:50:48 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.148.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:49 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.149.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:50 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.150.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:50 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.151.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:51 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.152.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:51 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.153.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:52 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.154.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:52 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.155.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:53 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.156.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:54 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.157.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:55 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.158.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:57 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.159.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:57 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.160.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:58 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.161.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:59 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.162.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:50:59 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.163.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:51:00 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.164.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:51:01 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.165.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:51:02 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Defs\core.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:51:02 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Defs\genotype.ows

O61 - LFC:Last File Created 2010-03-03 - 11:51:02 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\GenoType.ows

O61 - LFC:Last File Created 2010-03-03 - 11:51:02 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\build-149.166.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:51:02 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\core.aawdef

O61 - LFC:Last File Created 2010-03-03 - 11:51:08 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-Aware.exe

O61 - LFC:Last File Created 2010-03-03 - 11:51:08 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-Aware.exe.compressed

O61 - LFC:Last File Created 2010-03-03 - 11:51:10 ---A- C:\Users\All Users\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe


---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.)

O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)

O63 - Logiciel: RSIT - (random/random)

 

 

 

End of the scan (552 lines in 02mn 18s)

 

 

Thanks again for your help, Mario.


Hello,

There is no infection.

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.6.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [AVG9_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\PROGRA~2\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\RunOnce: [uniblueRegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe

 

Only AVG is required, plus Malwarebytes if it runs resident (paid version).

The rest, which you will launch when needed, should be removed from Msconfig.

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{36DBC0A6-9B44-44F2-9953-3F90673CF468}.job

 

The Google jobs are unnecessary.

 

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.6.0_06\bin\regutils.dll

 

Java is not up to date, and therefore vulnerable.

Download JavaRa

or here:

JavaRa

Click Download Windows binary.zip and save it to the Desktop.

Unzip it.

Run Javara.exe.

Click Update via jucheck.

Click Install.

Go back to JavaRa.

Click Remove older versions.

Then... Other Options -> tick Remove unnecessary JRE files -> Run

Edited by pear
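The triage the reply above does by hand on the O4 section, as an added Python example (not part of the original post, and not ZHPDiag's or the helper's code). The vendor allow-list reflects the helper's "AVG and Malwarebytes only" advice, and the `baseline` parameter is an assumption because the thread names no target Java version.

```python
import re

# Entry format as printed in the ZHPDiag O4 section of this thread.
O4_LINE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>Run(?:Once)?): \[(?P<name>[^\]]+)\] \. "
    r"\(\.(?P<vendor>.*?) - (?P<desc>.*?)\.\) -- (?P<path>.+)$"
)
JRE_DIR = re.compile(r"\\jre(\d+)\.(\d+)\.(\d+)_(\d+)\\", re.IGNORECASE)

# Vendors the helper says should stay resident (assumed prefix match on the vendor field).
KEEP_VENDORS = ("avg technologies", "malwarebytes")

# Five O4 lines copied from the reply above.
SAMPLE = r"""
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.6.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [AVG9_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [uniblueRegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe
"""

def parse_o4(log_text):
    """Return one dict per well-formed O4 line; anything else is skipped."""
    matches = (O4_LINE.match(line.strip()) for line in log_text.splitlines())
    return [m.groupdict() for m in matches if m]

def triage(entries, keep_vendors=KEEP_VENDORS):
    """Split entry names into (keep, review) by the vendor string in the log."""
    keep, review = [], []
    for e in entries:
        bucket = keep if e["vendor"].lower().startswith(keep_vendors) else review
        bucket.append(e["name"])
    return keep, review

def jre_versions(entries):
    """(major, minor, patch, update) for each JRE directory seen in the paths."""
    hits = (JRE_DIR.search(e["path"]) for e in entries)
    return sorted({tuple(map(int, m.groups())) for m in hits if m})

def outdated(versions, baseline):
    """baseline is supplied by the caller; the thread names no target version."""
    return [v for v in versions if v < baseline]

if __name__ == "__main__":
    entries = parse_o4(SAMPLE)
    print(triage(entries))
    print(jre_versions(entries))
```

The vendor field is whatever the log prints for the file, not a verified signature, so the keep list sorts entries for review and is not a trust decision.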