Posted

Hello,

For about 15 days my PC has become very slow,

after a Windows crash (blue screen) and a restart.

I am on XP SP3; I previously had AntiVir and now have BitDefender.

I would like an opinion on my PC.

I am finding identical processes that eat up my resources.

I have already done quite a bit of cleaning with the various programs.

I am on my work PC; if you could tell me what to do and with which program, I will post the reports this evening.

I don't think it is malware but rather things that get loaded several times ("I am not an expert").

Thanks

Posted

Hello,

Run this diagnostic tool:

Download ZhpDiag by Coolman

It requires no installation.

- It can be run from any disk drive.

- It can be run from a USB key.

 

Click the screwdriver.

In the window that opens, check everything.

Click the magnifying glass to start the scan.

After a while, you may have to accept Sysinternal -> I agree.

Post the report that appears when you click the camera.

Posted

Rapport de ZHPDiag v1.26.39 par Nicolas Coolman, Update du 01/08/2010

Run by joannes at 01/08/2010 22:40:36

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

 

---\\ System Information

Platform : Microsoft Windows XP (5.1.2600) Service Pack 3

Processor: x86 Family 15 Model 1 Stepping 2, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 511 MB (38% free)

System drive C: has 19 GB (50%) free of 37 GB

 

---\\ Logged in mode

Computer Name: J-IJOGVL4Z00ZF8

User Name: joannes

All Users Names: SUPPORT_388945a0, joannes, HelpAssistant, ASPNET, Administrateur,

Unselected Option: O82

Logged in as Administrator

 

---\\ DOS/Devices

A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

C:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 37 Go)

F:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

 

 

---\\ Processus lancés

[MD5.655D4DA7A440FFCF1ADFF2EB9D3072B4] - (.BitDefender S.R.L. - BitDefender Update Service.) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [308552]

[MD5.B715ABF90831A37918EB4CAD2CF9DF69] - (.BitDefender S.R.L. - BitDefender Security Service.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [1615688]

[MD5.CC64BB2D200031B11A16FF69DF3E3907] - (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [1123360]

[MD5.5FD5865DC1A2100F8D4CF000EE5409A3] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984]

[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [322120]

[MD5.C501206816F35D20422B4C3F88D62860] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) -- C:\WINDOWS\system32\nvsvc32.exe [163908]

[MD5.166B6630CE180A861BD7C9110FF339D1] - (.BitDefender S.R.L. - BitDefender Security Center.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe [1091984]

[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]

[MD5.20A098A4D12E49342228D3AFE98EAFDF] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe [223584]

[MD5.EDD2A45C6D5885B050E428CE43810BBD] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [481792]

 

 

---\\ Plugins de navigateurs Opera/Firefox(P1/P2)

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18928 (longhorn_ie8_gdr.100503-1700)) -- C:\WINDOWS\system32\ieframe.dll

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll

 

 

---\\ Applications démarrées par registre & par dossier(O4)

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll

O4 - HKLM\..\Run: [bDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe

O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1

O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=145

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~2\Office10\EXCEL.exe

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.not file.) - (.not file.)

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

 

---\\ Internet Explorer Plugins (O12)

O12 - Plugin for .UVR - C:\Program Files\Internet Explorer\Plugins\NPUPano.dll

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} () - http://launch.gamespyarcade.com/software/launch/alaunch.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/MaConfig_3_5_3_0.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\System32\WgaLogon.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll

O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SupportSoft RemoteAssist (SupportSoft RemoteAssist) . (.SupportSoft, Inc. - ssrc Module.) - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe

O23 - Service: BitDefender Virus Shield (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Personnalisation du navigateur - >{F77E1997-3C95-4021-880B-4FDD8764C694} . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf

O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r42.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: bdftdif (bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys

O41 - Driver: (SiSkp) . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) - C:\Windows\system32\drivers\srvkp.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ASUS WLAN Card Utilities/Driver - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM]

O42 - Logiciel: Adobe Reader 8.2.3 - Français - (.Adobe Systems Incorporated.) [HKLM]

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM]

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: BitDefender Internet Security 2010 - (.BitDefender.) [HKLM]

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]

O42 - Logiciel: CIF USB CAMERA - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Empire Earth - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Empire Earth - The Art of Conquest - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Empire Earth Patch 1.0.4.0 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Everest Poker (Remove Only) - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Glary Utilities 2.26.0.956 - (.Glarysoft Ltd.) [HKLM]

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: J2SE Runtime Environment 5.0 Update 10 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: J2SE Runtime Environment 5.0 Update 11 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: J2SE Runtime Environment 5.0 Update 7 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: J2SE Runtime Environment 5.0 Update 9 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Java 6 Update 10 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Java 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Java 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Java 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Java SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Liveupdate4 - (.MSI, Inc..) [HKLM]

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]

O42 - Logiciel: MSXML 6.0 Parser (KB933579) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM]

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]

O42 - Logiciel: Messenger Plus! 3 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Office XP Professional avec FrontPage - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: MoD ImperiaL v4.1 - (.TeaM ImperiaL.) [HKLM]

O42 - Logiciel: MoD Imperial v2.1 - (.MoD-ProyecT.) [HKLM]

O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM]

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Praetorians - (.Pyro Studios.) [HKLM]

O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM]

O42 - Logiciel: Revo Uninstaller 1.89 - (.VS Revo Group.) [HKLM]

O42 - Logiciel: Rome - Total War - (.Activision.) [HKLM]

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM]

O42 - Logiciel: SiS 650 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: SiS 650_651_M650_M652_740 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: SiSAGP driver - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: USB Flash Disk - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Ulead COOL 360 1.0 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Ulead Photo Explorer 8.0 SE Basic - (.Ulead Systems, Inc..) [HKLM]

O42 - Logiciel: Ulead VideoStudio 7 SE Basic - (.Ulead Systems, Inc..) [HKLM]

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: WebTarot 1.30 - (.AtoutWeb.) [HKLM]

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Media Connect - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Workflow Foundation FR Language Pack - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM]

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ASUS]

[HKCU\Software\Adobe]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Aurigma]

[HKCU\Software\BitDefender]

[HKCU\Software\BitTorrent]

[HKCU\Software\CDDB]

[HKCU\Software\Classes]

[HKCU\Software\GameSpy]

[HKCU\Software\GlarySoft]

[HKCU\Software\Grand Virtual]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Kazaa]

[HKCU\Software\LowRegistry]

[HKCU\Software\Macromedia]

[HKCU\Software\Mad Doc Software]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\ORL]

[HKCU\Software\Patchou]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Pyro Studios]

[HKCU\Software\SOCID]

[HKCU\Software\SSSI]

[HKCU\Software\SecuROM]

[HKCU\Software\Support.com]

[HKCU\Software\SupportSoft]

[HKCU\Software\TheCreativeAssembly]

[HKCU\Software\TuneUp]

[HKCU\Software\Ulead Systems]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VHLD]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\WebTarot]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\cybelsoft]

[HKCU\Software\pacificpoker]

[HKCU\Software\pokerinstaller]

[HKCU\Software\tioga]

[HKLM\Software\2B9EC021-C823-4f3d-9752-C18522DB7D98]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\BitDefender]

[HKLM\Software\BrowserChoice]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Gemplus]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\MDC]

[HKLM\Software\MSI]

[HKLM\Software\Macromedia]

[HKLM\Software\MidasHeurScanner]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\PLTmp]

[HKLM\Software\Patchou]

[HKLM\Software\PixArt]

[HKLM\Software\Policies]

[HKLM\Software\Praetorians]

[HKLM\Software\Program Groups]

[HKLM\Software\Pyro Studios]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Schlumberger]

[HKLM\Software\Sierra OnLine]

[HKLM\Software\Sierra]

[HKLM\Software\Software]

[HKLM\Software\Softwin]

[HKLM\Software\SupportSoft]

[HKLM\Software\Symantec]

[HKLM\Software\The Creative Assembly]

[HKLM\Software\TuneUp]

[HKLM\Software\Ulead Systems]

[HKLM\Software\Via4in1Driver]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\cybelsoft]

[HKLM\Software\sis]

[HKLM\Software\support.com]

 

 

---\\ Contenu des dossiers Program Files (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Activision

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update

O43 - CFD:Common File Directory ----D- C:\Program Files\ASUS

O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\CIF USB CAMERA

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files\directx

O43 - CFD:Common File Directory ----D- C:\Program Files\Eidos Interactive

O43 - CFD:Common File Directory ----D- C:\Program Files\Everest Poker

O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Glary Utilities

O43 - CFD:Common File Directory ----D- C:\Program Files\HardwareDetection

O43 - CFD:Common File Directory ----D- C:\Program Files\HighMAT CD Writing Wizard

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger

O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live

O43 - CFD:Common File Directory ----D- C:\Program Files\MessengerPlus! 3

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\MSI

O43 - CFD:Common File Directory ----D- C:\Program Files\msn

O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0

O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting

O43 - CFD:Common File Directory ----D- C:\Program Files\OfficeUpdate11

O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek AC97

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\RegClean

O43 - CFD:Common File Directory ----D- C:\Program Files\Setup Files

O43 - CFD:Common File Directory ----D- C:\Program Files\sisagp

O43 - CFD:Common File Directory ----D- C:\Program Files\support.com

O43 - CFD:Common File Directory ----D- C:\Program Files\ToniArts

O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\USBDisk

O43 - CFD:Common File Directory ----D- C:\Program Files\VS Revo Group

O43 - CFD:Common File Directory ----D- C:\Program Files\Webtarot

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate

O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR

O43 - CFD:Common File Directory ----D- C:\Program Files\xerox

O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SupportSoft

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.00000000000000000000000000000000] - 01/08/2010 - 21:37:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1111584]

O44 - LFC:[MD5.02035F360B32F57BB0490A4DDD76ACA0] - 01/08/2010 - 21:01:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [12618]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/08/2010 - 21:01:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.00000000000000000000000000000000] - 01/08/2010 - 21:01:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.00000000000000000000000000000000] - 01/08/2010 - 21:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.4DA0212084F0DBB2D9E2A1E9BAABC95D] - 01/08/2010 - 21:00:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\nvapps.xml [209540]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 01/08/2010 - 21:00:45 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.00000000000000000000000000000000] - 31/07/2010 - 12:04:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32530]

O44 - LFC:[MD5.A8F2ADD0E0BACD80DE1A12184A35D6DE] - 31/07/2010 - 11:59:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wmsetup.log [404]

O44 - LFC:[MD5.7FA462A80E02178E0A8D87FED75CEF81] - 30/07/2010 - 21:24:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\win.ini [1497]

O44 - LFC:[MD5.EDB98905A97720982611F8F4DA404973] - 30/07/2010 - 08:25:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ashttpstats.csv [52]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_fuzzy.sig [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_spoof.sig [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_summ.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\phar_histprot.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\phar_unmip.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:47 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wsbl.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_drugs.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_gambling.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_games.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_hate.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_illegal.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_im.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_news.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_onlinedating.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_onlinepay.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_onlineshop.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_pornography.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_regionaltlds.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_searchengines.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_sign.slf [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_socialnetworks.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_tabloids.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_video.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pc_webproxy.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pcwords.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\pcwords2.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_black.dat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_sign.slf [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/07/2010 - 19:21:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ph_white.dat [0]

O44 - LFC:[MD5.8D30BECFCF04AC89E20522F38CA2A198] - 28/07/2010 - 19:11:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\bdlog.txt [4420]

O44 - LFC:[MD5.D981965D8D6578D663CF53D70A03F95A] - 28/07/2010 - 18:26:30 ---A- . (.BitDefender LLC - BitDefender Firewall NDIS Filter Driver.) -- C:\WINDOWS\System32\drivers\bdfndisf.sys [111312]

O44 - LFC:[MD5.486F6D52CBC1E47B369133D9A1FAFA3F] - 28/07/2010 - 18:21:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\asdict.dat [16]

O44 - LFC:[MD5.F1D3FF8443297732862DF21DC4E57262] - 28/07/2010 - 18:21:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\aspdict-en.dat [4]

O44 - LFC:[MD5.17735036321477105ACA6A6CB5611563] - 14/07/2010 - 20:41:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.bak [12560]

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:02:14 ---A- C:\WINDOWS\Prefetch\BDMZINST.EXE-06A582C5.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:02:14 ---A- C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:02:15 ---A- C:\WINDOWS\Prefetch\UISCAN.EXE-194144E5.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:09:39 ---A- C:\WINDOWS\Prefetch\WLTUSER.EXE-05A5B196.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:24 ---A- C:\WINDOWS\Prefetch\ZHPDIAG_1.26.EXE-21E06988.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:25 ---A- C:\WINDOWS\Prefetch\ZHPDIAG_1.26.TMP-094610C6.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:38 ---A- C:\WINDOWS\Prefetch\ZHPDIAG.EXE-021B7932.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:23:53 ---A- C:\WINDOWS\Prefetch\BDWIZREG.EXE-29D833AF.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:27:14 ---A- C:\WINDOWS\Prefetch\UPGREPL.EXE-24BD643C.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:32:15 ---A- C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:34:21 ---A- C:\WINDOWS\Prefetch\LADS.EXE-06335087.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:36:05 ---A- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:37:22 ---A- C:\WINDOWS\Prefetch\SUBINACL.EXE-17974576.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:37:25 ---A- C:\WINDOWS\Prefetch\SETACL.EXE-33B348AC.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:37:47 ---A- C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:38:37 ---A- C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf

O45 - LFCP:Last File Created Prefetch 01/08/2010 - 21:38:37 ---A- C:\WINDOWS\Prefetch\MBR.EXE-313604BE.pf

O45 - LFCP:Last File Created Prefetch 25/07/2010 - 19:39:33 ---A- C:\WINDOWS\Prefetch\UPDATE.EXE-2577D203.pf

O45 - LFCP:Last File Created Prefetch 25/07/2010 - 19:39:40 ---A- C:\WINDOWS\Prefetch\AVNOTIFY.EXE-05ED5FD8.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 17:51:34 ---A- C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 17:51:34 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1619A94E.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 17:51:34 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:03:54 ---A- C:\WINDOWS\Prefetch\REVOUNINSTALLER.EXE-38379543.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:04:50 ---A- C:\WINDOWS\Prefetch\AVWSC.EXE-0283F9DD.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:14:48 ---A- C:\WINDOWS\Prefetch\NETSH.EXE-085CFFDE.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 18:20:05 ---A- C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 20:37:38 ---A- C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:00:47 ---A- C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:06:09 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-385E89E5.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:07:14 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-25CBA5A6.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:12:10 ---A- C:\WINDOWS\Prefetch\MMC.EXE-39071BCC.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:17:30 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-43D8C8B5.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:22:33 ---A- C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:23:02 ---A- C:\WINDOWS\Prefetch\CCLEANER.EXE-0BCE437C.pf

O45 - LFCP:Last File Created Prefetch 28/07/2010 - 21:50:24 ---A- C:\WINDOWS\Prefetch\MMC.EXE-1EF9AA05.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:20 ---A- C:\WINDOWS\Prefetch\IESHOW.EXE-06DE2DD9.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:20 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:21 ---A- C:\WINDOWS\Prefetch\BDAGENT.EXE-06E7676E.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:21 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-1340EF7F.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:22:26 ---A- C:\WINDOWS\Prefetch\SECCENTER.EXE-33C8281D.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 07:23:12 ---A- C:\WINDOWS\Prefetch\SIGNCHECK.EXE-205B42F0.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 08:25:59 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-22E35C38.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 19:21:42 ---A- C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 19:21:43 ---A- C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 20:08:06 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 20:16:05 ---A- C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:13 ---A- C:\WINDOWS\Prefetch\ASKINSTALLCHECKER.EXE-023CD4B9.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:16 ---A- C:\WINDOWS\Prefetch\GUSETUPNEW.EXE-2BD44592.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:17 ---A- C:\WINDOWS\Prefetch\IS-165VI.TMP-09E8A23F.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:52 ---A- C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:55 ---A- C:\WINDOWS\Prefetch\INITIALIZE.EXE-110970DF.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:07:59 ---A- C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:27:23 ---A- C:\WINDOWS\Prefetch\EFF.EXE-22F8D8E6.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:30:17 ---A- C:\WINDOWS\Prefetch\STARTUP.EXE-1B6B33B0.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:30:30 ---A- C:\WINDOWS\Prefetch\MEMDEFRAG.EXE-01F4C7A7.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:30:53 ---A- C:\WINDOWS\Prefetch\CMM.EXE-1E186ADA.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:31:05 ---A- C:\WINDOWS\Prefetch\REGDEFRAG.EXE-0F7CD524.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:33:08 ---A- C:\WINDOWS\Prefetch\REGREPAIR.EXE-0CD8A22A.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:35:03 ---A- C:\WINDOWS\Prefetch\WEBUPDATE.EXE-0E1736C3.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 21:57:29 ---A- C:\WINDOWS\Prefetch\INTEGRATOR.EXE-3A1D428D.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 22:00:10 ---A- C:\WINDOWS\Prefetch\MSNMSGR.EXE-030AB647.pf

O45 - LFCP:Last File Created Prefetch 29/07/2010 - 22:00:41 ---A- C:\WINDOWS\Prefetch\WLCOMM.EXE-04AE9009.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 07:54:23 ---A- C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 17:17:17 ---A- C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:02:08 ---A- C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:02:17 ---A- C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:08:35 ---A- C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:17:10 ---A- C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:36:35 ---A- C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 18:38:15 ---A- C:\WINDOWS\Prefetch\Layout.ini

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 20:30:36 ---A- C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 20:31:23 ---A- C:\WINDOWS\Prefetch\ADOBEARM.EXE-1095AC0A.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 21:24:34 ---A- C:\WINDOWS\Prefetch\CSTART.EXE-1EDA82DF.pf

O45 - LFCP:Last File Created Prefetch 30/07/2010 - 21:24:40 ---A- C:\WINDOWS\Prefetch\EVEREST POKER.EXE-33F19199.pf

O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:45:12 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf

O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:55:17 ---A- C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA5.pf

O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:56:26 ---A- C:\WINDOWS\Prefetch\SETUP_WM.EXE-3135CBD6.pf

O45 - LFCP:Last File Created Prefetch 31/07/2010 - 11:59:48 ---A- C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf

O45 - LFCP:Last File Created Prefetch 31/07/2010 - 12:02:47 ---A- C:\WINDOWS\Prefetch\RUNDLL32.EXE-33CEEB8D.pf

O45 - LFCP:Last File Created Prefetch 31/07/2010 - 12:04:26 ---A- C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

---\\ Export de clé d'application autorisée (ECAA) (O47)

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe

O47 - AAKE:Key Export SP - "C:\Sierra\Empire Earth\Empire Earth.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Sierra\Empire Earth\Empire Earth.exe

O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\BitTorrent\bittorrent.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation - Internet Explorer.) (.not file.) -- C:\Program Files\Internet Explorer\iexplore.exe

O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\eMule\emule.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Total War\Medieval - Total War\Medieval_TW.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\Total War\Medieval - Total War\Medieval_TW.exe

O47 - AAKE:Key Export SP - "C:\Program Files\GameSpy Arcade\Aphex.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\GameSpy Arcade\Aphex.exe

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dplaysvr.exe" [Enabled] .(.Microsoft Corporation - Microsoft DirectPlay Helper.) (.not file.) -- C:\WINDOWS\system32\dplaysvr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\praetorians.exe" [Enabled] .(.Pas de propriétaire - .) (.not file.) -- C:\Program Files\Eidos Interactive\Pyro Studios\Praetorians\praetorians.exe

O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.CybelSoft - Service de détection matériel.) (.not file.) -- C:\Program Files\ma-config.com\maconfservice.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) (.not file.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) (.not file.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{74615220-ab5a-11de-b205-0015f29952f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- WDSetup.exe (.not file.)

O51 - MPSK:{8ba42c90-6e3e-11de-b193-0015f29952f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\LaunchU3.exe -a (.not file.)

O51 - MPSK:{9f8b9460-b408-11dd-8d3c-0015f29952f1}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\LaunchU3.exe -a (.not file.)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"msacm.dvacm"="C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.MPEGacm"="C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.A4124165BF701536AC4D2AFBF8B4E452] - 03/05/2002 - 10:40:56 ---A- . (.Alcatel Bell - Helps WDM drivers locate other system components.) -- C:\WINDOWS\system32\drivers\alcacr.sys

O58 - SDL:[MD5.318D6DBC291FD2BB7DC891CF59341E04] - 03/05/2002 - 10:41:30 ---A- . (.Alcatel Bell - Alcatel USB ADSL NDIS 5 WAN Miniport driver.) -- C:\WINDOWS\system32\drivers\alcan5wn.sys

O58 - SDL:[MD5.E3A564DDE82B7FDC92A3128D80418B24] - 03/05/2002 - 10:41:04 ---A- . (.Alcatel Bell - Alcatel USB WDM xDSL Class Driver.) -- C:\WINDOWS\system32\drivers\alcaudsl.sys

O58 - SDL:[MD5.55188AD43D73247CFF83E07ABA1DC007] - 03/05/2002 - 10:40:46 ---A- . (.Alcatel Bell - System-specific functions for Alcatel WDM drivers.) -- C:\WINDOWS\system32\drivers\alcawh.sys

O58 - SDL:[MD5.5003D2E3F6B220ED3B0F1AC2816C2A18] - 19/05/2006 - 14:44:52 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\alcxwdm.sys

O58 - SDL:[MD5.67C2A47DB7190673350A3F9F5A1507CB] - 03/02/2010 - 12:57:36 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfm.sys

O58 - SDL:[MD5.D981965D8D6578D663CF53D70A03F95A] - 28/07/2010 - 18:26:30 ---A- . (.BitDefender LLC - BitDefender Firewall NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\bdfndisf.sys

O58 - SDL:[MD5.A21A4A0E6BDF0C2BE0FABFA16D8C8F76] - 22/02/2010 - 13:58:40 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\WINDOWS\system32\drivers\bdfsfltr.sys

O58 - SDL:[MD5.CA54223D5A5B6A7E3559CB100A0B5E57] - 03/02/2010 - 12:56:32 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender AntiVirus Hypervisor driver.) -- C:\WINDOWS\system32\drivers\bdhv.sys

O58 - SDL:[MD5.375CD0B9F433465EC6F50D4DF44E9448] - 19/01/2010 - 18:32:40 ---A- . (.BitDefender - FileVault Disk Driver.) -- C:\WINDOWS\system32\drivers\BDVEDISK.sys

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.D7010580BF4E45D5E793A1FE75758C69] - 09/06/2006 - 20:27:21 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\mdc8021x.sys

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys

O58 - SDL:[MD5.23B95A09677E62EC8D1641ECF39B9BFB] - 27/03/2009 - 09:03:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 182.50.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys

O58 - SDL:[MD5.93F11CCEAB41A47A0A6317B640B3B807] - 10/02/2004 - 07:40:56 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\drivers\pfc027.sys

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys

O58 - SDL:[MD5.70AEEC67E87A2002E6B2CC353D56E222] - 17/10/2005 - 19:50:06 ---A- . (.Ralink Technology Inc. - Sample Driver for Ralink 802.11g Wireless USB Adapters.) -- C:\WINDOWS\system32\drivers\rt2500usb.sys

O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 03/08/2004 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\rtl8139.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/11/2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys

O58 - SDL:[MD5.9E7DEE11FD5A4355941A45F13C0ED59A] - 26/03/2006 - 13:22:14 ---A- . (.Protection Technology (StarForce) - FrontLine Environment Driver.) -- C:\WINDOWS\system32\drivers\sfdrv01.sys

O58 - SDL:[MD5.ECEFB59D2206D281E6D317AF0EA0D8BD] - 13/03/2006 - 10:38:23 ---A- . (.Protection Technology (StarForce) - FrontLine Helper Driver.) -- C:\WINDOWS\system32\drivers\sfhlp02.sys

O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 13/04/2008 - 19:36:39 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys

O58 - SDL:[MD5.61CA562DEF09A782D26B3E7EDEC5369A] - 18/07/2003 - 08:58:20 ---A- . (.Silicon Integrated Systems Corporation - SiS AGPv3.5 Filter.) -- C:\WINDOWS\system32\drivers\SISAGPX.SYS

O58 - SDL:[MD5.32F29CDCAB5B20D62BB84810662FBDBC] - 05/08/2004 - 15:58:14 ---A- . (.Silicon Integrated Systems Corporation - SiS Compatible Super VGA Driver.) -- C:\WINDOWS\system32\drivers\sisgrp.sys

O58 - SDL:[MD5.B4485881BD8AED9B157A2E6CF43C2D51] - 25/03/2003 - 16:50:46 ---A- . (.Silicon Integrated Systems Corp. - SiS PCI Mini IDE Driver.) -- C:\WINDOWS\system32\drivers\siside.sys

O58 - SDL:[MD5.6225224B8E846AC230F8D9B343635910] - 17/10/2002 - 15:14:46 R--A- . (.Windows ® 2000 DDK provider - SISIDEX Driver.) -- C:\WINDOWS\system32\drivers\sisidex.sys

O58 - SDL:[MD5.596D4A7052002D2BD344D8937DA6F66D] - 20/08/2002 - 16:19:08 ---A- . (.Silicon Integrated Systems Corp. - SiS Filter Driver.) -- C:\WINDOWS\system32\drivers\sisperf.sys

O58 - SDL:[MD5.15DA420E7314941AAAE4B199D9CF342B] - 05/08/2004 - 15:57:56 ---A- . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) -- C:\WINDOWS\system32\drivers\srvkp.sys

O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/05/2009 - 08:12:49 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys

O58 - SDL:[MD5.F76EA9AE8D32EC50159795D29674465E] - 24/07/2002 - 04:30:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\viaagp1.sys

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ansi.sys

O58 - SDL:[MD5.05A56C3156E1B6CC7BBD8E1D54D491F2] - 09/09/2002 - 18:54:06 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\ASNDIS5.sys

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\country.sys

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\himem.sys

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\key01.sys

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 22:46:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\keyboard.sys

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos.sys

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos404.sys

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos411.sys

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos412.sys

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28/08/2001 - 13:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntdos804.sys

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 22:45:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio.sys

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 22:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio404.sys

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 22:45:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio411.sys

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 22:45:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio412.sys

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 22:45:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\ntio804.sys

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 01/08/2010 - 21:00:46 -SHA- C:\Documents And Settings\NetworkService\Local Settings\desktop.ini [62]

O61 - LFC:Last File Created 01/08/2010 - 21:00:47 ---A- C:\Documents And Settings\NetworkService\Cookies\index.dat [16384]

O61 - LFC:Last File Created 01/08/2010 - 21:00:47 ---A- C:\Documents And Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat [16384]

O61 - LFC:Last File Created 01/08/2010 - 21:00:49 -SHA- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-2025429265-1580436667-854245398-1004\Credentials [1514]

O61 - LFC:Last File Created 01/08/2010 - 21:00:49 -SHA- C:\Documents And Settings\joannes\Local Settings\desktop.ini [62]

O61 - LFC:Last File Created 01/08/2010 - 21:00:50 -SHA- C:\Documents And Settings\LocalService\Local Settings\desktop.ini [62]

O61 - LFC:Last File Created 01/08/2010 - 21:00:53 ---A- C:\Documents And Settings\LocalService\Cookies\index.dat [16384]

O61 - LFC:Last File Created 01/08/2010 - 21:00:53 ---A- C:\Documents And Settings\LocalService\Local Settings\Historique\History.IE5\index.dat [32768]

O61 - LFC:Last File Created 01/08/2010 - 21:01:34 ---A- C:\Documents And Settings\joannes\Application Dataprivacy.xml [376]

O61 - LFC:Last File Created 01/08/2010 - 21:09:57 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bs.serving-sys[1].txt [130]

O61 - LFC:Last File Created 01/08/2010 - 21:09:57 ---A- C:\Documents And Settings\joannes\Cookies\joannes@serving-sys[3].txt [708]

O61 - LFC:Last File Created 01/08/2010 - 21:13:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@nibal.spartoo[2].txt [110]

O61 - LFC:Last File Created 01/08/2010 - 21:13:31 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\bpid.bigpoint.net\bpidverify.sol [46]

O61 - LFC:Last File Created 01/08/2010 - 21:17:28 ---A- C:\Documents And Settings\joannes\Cookies\joannes@adin-www.bigpoint[1].txt [112]

O61 - LFC:Last File Created 01/08/2010 - 21:17:30 ---A- C:\Documents And Settings\joannes\Cookies\joannes@fr.damoria[2].txt [462]

O61 - LFC:Last File Created 01/08/2010 - 21:18:33 ---A- C:\Documents And Settings\joannes\Cookies\joannes@adviva[1].txt [99]

O61 - LFC:Last File Created 01/08/2010 - 21:20:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@quantserve[2].txt [101]

O61 - LFC:Last File Created 01/08/2010 - 21:21:15 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1D397300-9DAA-11DF-8243-0015F29952F1}.dat [38912]

O61 - LFC:Last File Created 01/08/2010 - 21:22:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@scorecardresearch[2].txt [114]

O61 - LFC:Last File Created 01/08/2010 - 21:22:28 ---A- C:\Documents And Settings\joannes\Cookies\joannes@intellitxt[2].txt [124]

O61 - LFC:Last File Created 01/08/2010 - 21:22:37 ---A- C:\Documents And Settings\joannes\Cookies\joannes@telechargement.zebulon[1].txt [503]

O61 - LFC:Last File Created 01/08/2010 - 21:22:38 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tradedoubler[2].txt [400]

O61 - LFC:Last File Created 01/08/2010 - 21:22:55 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7AD64490-9DAA-11DF-8243-0015F29952F1}.dat [41984]

O61 - LFC:Last File Created 01/08/2010 - 21:22:56 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3D4280D0-9DA9-11DF-8243-0015F29952F1}.dat [135680]

O61 - LFC:Last File Created 01/08/2010 - 21:32:55 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tagoria[2].txt [569]

O61 - LFC:Last File Created 01/08/2010 - 21:36:04 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010080120100802\index.dat [49152]

O61 - LFC:Last File Created 01/08/2010 - 21:36:04 -SHA- C:\Documents And Settings\joannes\PrivacIE\index.dat [16187392]

O61 - LFC:Last File Created 01/08/2010 - 21:36:29 -SHA- C:\Documents And Settings\joannes\IECompatCache\index.dat [868352]

O61 - LFC:Last File Created 01/08/2010 - 21:36:29 -SHA- C:\Documents And Settings\joannes\IETldCache\index.dat [245760]

O61 - LFC:Last File Created 01/08/2010 - 21:36:29 -SHA- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [32768]

O61 - LFC:Last File Created 01/08/2010 - 21:36:30 -SHA- C:\Documents And Settings\joannes\Cookies\index.dat [49152]

O61 - LFC:Last File Created 01/08/2010 - 21:36:30 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\index.dat [278528]

O61 - LFC:Last File Created 01/08/2010 - 21:37:08 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.tagoria[2].txt [116]

O61 - LFC:Last File Created 01/08/2010 - 21:37:09 ---A- C:\Documents And Settings\joannes\Cookies\joannes@live[1].txt [304]

O61 - LFC:Last File Created 01/08/2010 - 21:37:09 ---A- C:\Documents And Settings\joannes\Cookies\joannes@msn[1].txt [301]

O61 - LFC:Last File Created 01/08/2010 - 21:37:31 ---A- C:\Documents And Settings\joannes\Cookies\joannes@skynet[2].txt [884]

O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{760D0330-9DAC-11DF-8243-0015F29952F1}.dat [3584]

O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{9D50B980-9BA6-11DF-823E-0015F29952F1}.dat [3584]

O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{9FD0F620-9DAC-11DF-8243-0015F29952F1}.dat [4608]

O61 - LFC:Last File Created 01/08/2010 - 21:37:40 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\Windows Live Toolbar\wlto000.sqm [120]

O61 - LFC:Last File Created 01/08/2010 - 21:39:01 ---A- C:\Documents And Settings\joannes\Cookies\joannes@forum.zebulon[1].txt [385]

O61 - LFC:Last File Created 01/08/2010 - 21:39:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@specificclick[2].txt [1351]

O61 - LFC:Last File Created 01/08/2010 - 21:39:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.zebulon[1].txt [101]

O61 - LFC:Last File Created 01/08/2010 - 21:39:05 ---A- C:\Documents And Settings\joannes\Cookies\joannes@fr.a2dfp[1].txt [97]

O61 - LFC:Last File Created 01/08/2010 - 21:39:05 ---A- C:\Documents And Settings\joannes\Cookies\joannes@zebulon[1].txt [827]

O61 - LFC:Last File Created 29/07/2010 - 04:10:32 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03342.JPG [1750445]

O61 - LFC:Last File Created 29/07/2010 - 04:14:08 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03346.JPG [1371546]

O61 - LFC:Last File Created 29/07/2010 - 04:14:16 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03347.JPG [1561627]

O61 - LFC:Last File Created 29/07/2010 - 04:14:20 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03348.JPG [1636573]

O61 - LFC:Last File Created 29/07/2010 - 04:14:28 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03349.JPG [1456565]

O61 - LFC:Last File Created 29/07/2010 - 04:14:50 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03350.JPG [1351412]

O61 - LFC:Last File Created 29/07/2010 - 04:14:52 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03351.JPG [1483575]

O61 - LFC:Last File Created 29/07/2010 - 04:15:38 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03353.JPG [1713426]

O61 - LFC:Last File Created 29/07/2010 - 04:15:54 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03354.JPG [1385108]

O61 - LFC:Last File Created 29/07/2010 - 04:16:08 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03355.JPG [1402213]

O61 - LFC:Last File Created 29/07/2010 - 04:16:30 ---A- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03356.JPG [1513882]

O61 - LFC:Last File Created 29/07/2010 - 04:16:46 ----- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\DSC03357.JPG [1516401]

O61 - LFC:Last File Created 29/07/2010 - 07:20:48 -SH-- C:\Documents And Settings\joannes\Local Settings\Temporary Internet Files\desktop.ini [67]

O61 - LFC:Last File Created 29/07/2010 - 07:24:11 ---A- C:\Documents And Settings\joannes\Cookies\joannes@metriweb[2].txt [97]

O61 - LFC:Last File Created 29/07/2010 - 07:25:04 ---A- C:\Documents And Settings\joannes\Cookies\joannes@doubleclick[3].txt [123]

O61 - LFC:Last File Created 29/07/2010 - 07:29:03 ---A- C:\Documents And Settings\joannes\Favoris\jeux\Tanoth Online.url [196]

O61 - LFC:Last File Created 29/07/2010 - 07:30:26 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s1.tanoth.fr\settings.sol [82]

O61 - LFC:Last File Created 29/07/2010 - 07:30:37 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\s1.tanoth.fr\legendonline.sol [143]

O61 - LFC:Last File Created 29/07/2010 - 07:35:31 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s2.tanoth.fr\settings.sol [82]

O61 - LFC:Last File Created 29/07/2010 - 07:35:41 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\s2.tanoth.fr\legendonline.sol [143]

O61 - LFC:Last File Created 29/07/2010 - 07:39:04 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\www.bigpoint.com\bpid\bpid.swf\bpid.sol [68]

O61 - LFC:Last File Created 29/07/2010 - 07:39:04 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.bigpoint.com\settings.sol [86]

O61 - LFC:Last File Created 29/07/2010 - 07:59:23 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.googleadservices[1].txt [481]

O61 - LFC:Last File Created 29/07/2010 - 08:08:04 ---A- C:\Documents And Settings\joannes\Favoris\divers johan\rencontre\Belswing.url [248]

O61 - LFC:Last File Created 29/07/2010 - 20:04:41 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\Windows Live\Toolbar\Feeds\rss30.tmp [2392]

O61 - LFC:Last File Created 29/07/2010 - 20:18:01 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bpid.bigpoint[1].txt [103]

O61 - LFC:Last File Created 29/07/2010 - 20:18:02 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\bpid.bigpoint.net\bpid.sol [68]

O61 - LFC:Last File Created 29/07/2010 - 20:18:02 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bpid.bigpoint.net\settings.sol [87]

O61 - LFC:Last File Created 29/07/2010 - 20:26:52 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERddd6.dir00\msimn.exe.mdmp [50902]

O61 - LFC:Last File Created 29/07/2010 - 20:29:20 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERddd6.dir00\msimn.exe.hdmp [6445855]

O61 - LFC:Last File Created 29/07/2010 - 20:30:28 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C0A4D494-9B44-11DF-823C-0015F29952F1}.dat [320000]

O61 - LFC:Last File Created 29/07/2010 - 20:32:08 ---A- C:\Documents And Settings\joannes\Cookies\joannes@meetic-partners[1].txt [89]

O61 - LFC:Last File Created 29/07/2010 - 20:50:27 ---A- C:\Documents And Settings\joannes\Cookies\joannes@xiti[1].txt [107]

O61 - LFC:Last File Created 29/07/2010 - 20:50:32 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#cdn5.specificclick.net\settings.sol [92]

O61 - LFC:Last File Created 29/07/2010 - 20:50:32 ---A- C:\Documents And Settings\joannes\Favoris\divers johan\Zebulon.url [2331]

O61 - LFC:Last File Created 29/07/2010 - 20:57:33 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\cdn5.specificclick.net\img\gu.sol [69]

O61 - LFC:Last File Created 29/07/2010 - 21:01:05 ---A- C:\Documents And Settings\joannes\Cookies\joannes@imageshack[1].txt [108]

O61 - LFC:Last File Created 29/07/2010 - 21:04:36 ---A- C:\Documents And Settings\joannes\Cookies\joannes@a2dfp[2].txt [387]

O61 - LFC:Last File Created 29/07/2010 - 21:05:07 ---A- C:\Documents And Settings\joannes\Cookies\joannes@cdn5.specificclick[1].txt [177]

O61 - LFC:Last File Created 29/07/2010 - 21:05:16 ---A- C:\Documents And Settings\joannes\Cookies\joannes@adtech[1].txt [102]

O61 - LFC:Last File Created 29/07/2010 - 21:05:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@boursoramabanque.solution.weborama[2].txt [429]

O61 - LFC:Last File Created 29/07/2010 - 21:05:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@fl01.ct2.comclick[2].txt [480]

O61 - LFC:Last File Created 29/07/2010 - 21:05:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@weborama[1].txt [91]

O61 - LFC:Last File Created 29/07/2010 - 21:05:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@commentcamarche[1].txt [469]

O61 - LFC:Last File Created 29/07/2010 - 21:05:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@smartadserver[1].txt [477]

O61 - LFC:Last File Created 29/07/2010 - 21:07:50 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Glary Utilities\Désinstaller Glary Utilities.lnk [677]

O61 - LFC:Last File Created 29/07/2010 - 21:07:50 ---A- C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Glary Utilities\Glary Utilities.lnk [687]

O61 - LFC:Last File Created 29/07/2010 - 21:07:50 ---A- C:\Documents And Settings\joannes\Bureau\Glary Utilities.lnk [675]

O61 - LFC:Last File Created 29/07/2010 - 21:15:32 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9274401968 [184375]

O61 - LFC:Last File Created 29/07/2010 - 21:21:07 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9313390856 [16094]

O61 - LFC:Last File Created 29/07/2010 - 21:23:12 ---A- C:\Documents And Settings\joannes\Cookies\joannes@libellules[1].txt [264]

O61 - LFC:Last File Created 29/07/2010 - 21:26:33 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9351087384 [314]

O61 - LFC:Last File Created 29/07/2010 - 21:29:47 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9373553819 [2060]

O61 - LFC:Last File Created 29/07/2010 - 21:31:09 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gSECU01.tmp [45056]

O61 - LFC:Last File Created 29/07/2010 - 21:32:21 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gsoft02.tmp [27348992]

O61 - LFC:Last File Created 29/07/2010 - 21:32:29 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gSAM05.tmp [24576]

O61 - LFC:Last File Created 29/07/2010 - 21:32:29 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gdefa04.tmp [360448]

O61 - LFC:Last File Created 29/07/2010 - 21:32:29 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gsyst03.tmp [4382720]

O61 - LFC:Last File Created 29/07/2010 - 21:32:30 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gNTUS06.tmp [1429504]

O61 - LFC:Last File Created 29/07/2010 - 21:32:31 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gUsrC07.tmp [8192]

O61 - LFC:Last File Created 29/07/2010 - 21:32:36 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gNTUS08.tmp [4599808]

O61 - LFC:Last File Created 29/07/2010 - 21:32:36 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gUsrC09.tmp [159744]

O61 - LFC:Last File Created 29/07/2010 - 21:32:37 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gNTUS10.tmp [1429504]

O61 - LFC:Last File Created 29/07/2010 - 21:32:37 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gUsrC11.tmp [8192]

O61 - LFC:Last File Created 29/07/2010 - 21:34:34 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9406803009 [314]

O61 - LFC:Last File Created 29/07/2010 - 21:35:01 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~glaryutilities-version.dat [505]

O61 - LFC:Last File Created 29/07/2010 - 21:45:24 ---A- C:\Documents And Settings\joannes\Cookies\joannes@uimserv[1].txt [103]

O61 - LFC:Last File Created 29/07/2010 - 21:45:29 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.skynet[1].txt [77]

O61 - LFC:Last File Created 29/07/2010 - 21:52:39 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5B90F640-9B52-11DF-823D-0015F29952F1}.dat [38912]

O61 - LFC:Last File Created 29/07/2010 - 21:57:23 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~gu-ver.dat [505]

O61 - LFC:Last File Created 29/07/2010 - 22:00:10 ---A- C:\Documents And Settings\All Users\Application Data\Messenger Plus!\Promotions\Listing.dat [1528]

O61 - LFC:Last File Created 29/07/2010 - 22:00:12 ---A- C:\Documents And Settings\joannes\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [0]

O61 - LFC:Last File Created 29/07/2010 - 22:00:33 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\IdentityCRL\Production\MetaConfig.xml [163]

O61 - LFC:Last File Created 29/07/2010 - 22:00:35 ---A- C:\Documents And Settings\joannes\Cookies\joannes@c.live[1].txt [67]

O61 - LFC:Last File Created 29/07/2010 - 22:00:35 ---A- C:\Documents And Settings\joannes\Cookies\joannes@c.msn[1].txt [66]

O61 - LFC:Last File Created 29/07/2010 - 22:00:48 ---A- C:\Documents And Settings\joannes\Cookies\joannes@messenger.msn[1].txt [100]

O61 - LFC:Last File Created 29/07/2010 - 22:00:50 ---A- C:\Documents And Settings\joannes\Cookies\joannes@rad.msn[2].txt [680]

O61 - LFC:Last File Created 29/07/2010 - 22:02:08 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\MSN Messenger\sqmnoopt00.sqm [612]

O61 - LFC:Last File Created 29/07/2010 - 22:02:09 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\MSN Messenger\sqmnoopt01.sqm [284]

O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\LogFiles\edb.log [4194304]

O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\contacts.edb [4210688]

O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\dbstore.ini [174]

O61 - LFC:Last File Created 29/07/2010 - 22:02:11 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{02fe0e0e-5a61-4f06-bf0b-86f5cb78e067}\DBStore\edb.chk [8192]

O61 - LFC:Last File Created 29/07/2010 - 22:02:14 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\LogFiles\edb.log [4194304]

O61 - LFC:Last File Created 29/07/2010 - 22:02:14 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\contacts.edb [6307840]

O61 - LFC:Last File Created 29/07/2010 - 22:02:14 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\edb.chk [8192]

O61 - LFC:Last File Created 29/07/2010 - 22:02:15 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Windows Live Contacts\{378eacdd-0264-4886-b03f-78961949d319}\DBStore\dbstore.ini [174]

O61 - LFC:Last File Created 29/07/2010 - 22:02:24 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Messenger\ContactsLog.txt [2929458]

O61 - LFC:Last File Created 29/07/2010 - 22:04:09 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\index.ini [288]

O61 - LFC:Last File Created 29/07/2010 - 22:04:10 ---A- C:\Documents And Settings\joannes\Application Data\GlarySoft\Glary Utilities\Backups\40388,9612247917 [314]

O61 - LFC:Last File Created 29/07/2010 - 22:31:28 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010072920100730\index.dat [81920]

O61 - LFC:Last File Created 29/07/2010 - 22:32:37 ---A- C:\Documents And Settings\joannes\Favoris\divers johan\languedoc surf casting.url [274]

O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@atdmt[2].txt [432]

O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bing[2].txt [237]

O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@windowsmarketplace[2].txt [265]

O61 - LFC:Last File Created 29/07/2010 - 22:32:39 ---A- C:\Documents And Settings\joannes\Cookies\joannes@zune[2].txt [237]

O61 - LFC:Last File Created 29/07/2010 - 22:34:19 ---A- C:\Documents And Settings\joannes\Cookies\joannes@a01.gestionpub[2].txt [241]

O61 - LFC:Last File Created 29/07/2010 - 22:34:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@httplanguedocpeche.forumparfait[2].txt [672]

O61 - LFC:Last File Created 29/07/2010 - 22:45:18 ---A- C:\Documents And Settings\joannes\Cookies\joannes@forum.tagoria[2].txt [114]

O61 - LFC:Last File Created 29/07/2010 - 22:47:59 ---A- C:\Documents And Settings\joannes\Cookies\joannes@belswing[1].txt [263]

O61 - LFC:Last File Created 30/07/2010 - 07:49:46 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{9E9C5132-9BA6-11DF-823E-0015F29952F1}.dat [4608]

O61 - LFC:Last File Created 30/07/2010 - 07:50:08 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER0b94.dir00\iexplore.exe.mdmp [69582]

O61 - LFC:Last File Created 30/07/2010 - 07:50:14 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER0b94.dir00\iexplore.exe.hdmp [5487564]

O61 - LFC:Last File Created 30/07/2010 - 07:51:34 ---A- C:\Documents And Settings\joannes\Cookies\joannes@bluestreak[2].txt [183]

O61 - LFC:Last File Created 30/07/2010 - 07:53:47 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D228C875-9BA6-11DF-823E-0015F29952F1}.dat [4096]

O61 - LFC:Last File Created 30/07/2010 - 07:53:51 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER8659.dir00\iexplore.exe.mdmp [83953]

O61 - LFC:Last File Created 30/07/2010 - 07:53:56 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WER8659.dir00\iexplore.exe.hdmp [6689615]

O61 - LFC:Last File Created 30/07/2010 - 07:54:12 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERd378.dir00\iexplore.exe.mdmp [83953]

O61 - LFC:Last File Created 30/07/2010 - 07:54:16 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\WERd378.dir00\iexplore.exe.hdmp [6689615]

O61 - LFC:Last File Created 30/07/2010 - 08:20:21 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F2FF1F64-9BA9-11DF-823E-0015F29952F1}.dat [760320]

O61 - LFC:Last File Created 30/07/2010 - 17:17:26 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~DFDF08.tmp [16384]

O61 - LFC:Last File Created 30/07/2010 - 17:56:48 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tanoth[1].txt [93]

O61 - LFC:Last File Created 30/07/2010 - 18:02:17 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log [80088]

O61 - LFC:Last File Created 30/07/2010 - 18:02:17 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp [33036]

O61 - LFC:Last File Created 30/07/2010 - 18:05:29 ---A- C:\Documents And Settings\joannes\Cookies\joannes@tagoria[3].txt [569]

O61 - LFC:Last File Created 30/07/2010 - 18:07:57 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\~DF5D2.tmp [16384]

O61 - LFC:Last File Created 30/07/2010 - 18:18:45 ---A- C:\Documents And Settings\joannes\Favoris\jeux\Tagoria Village.url [14400]

O61 - LFC:Last File Created 30/07/2010 - 18:38:55 --HA- C:\Documents And Settings\Administrateur\ntuser.dat.LOG [1024]

O61 - LFC:Last File Created 30/07/2010 - 20:26:30 ---A- C:\Documents And Settings\joannes\Cookies\joannes@ncm.neteller[1].txt [96]

O61 - LFC:Last File Created 30/07/2010 - 20:27:08 ---A- C:\Documents And Settings\joannes\Cookies\joannes@sharethis[1].txt [99]

O61 - LFC:Last File Created 30/07/2010 - 20:30:22 ---A- C:\Documents And Settings\joannes\Cookies\joannes@h.online-metrix[1].txt [116]

O61 - LFC:Last File Created 30/07/2010 - 20:30:23 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\#SharedObjects\XSM2BLAP\aa.online-metrix.net\fpc.swf\session.sol [76]

O61 - LFC:Last File Created 30/07/2010 - 20:30:23 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#aa.online-metrix.net\settings.sol [90]

O61 - LFC:Last File Created 30/07/2010 - 20:30:23 ---A- C:\Documents And Settings\joannes\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [1530]

O61 - LFC:Last File Created 30/07/2010 - 20:31:38 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat [5471]

O61 - LFC:Last File Created 30/07/2010 - 20:31:38 ---A- C:\Documents And Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat [4232]

O61 - LFC:Last File Created 30/07/2010 - 20:31:39 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\AdobeARM.log [1059]

O61 - LFC:Last File Created 30/07/2010 - 20:33:42 ---A- C:\Documents And Settings\joannes\Cookies\joannes@yahoo[1].txt [88]

O61 - LFC:Last File Created 30/07/2010 - 20:33:54 ---A- C:\Documents And Settings\joannes\Cookies\joannes@laposte[1].txt [74]

O61 - LFC:Last File Created 30/07/2010 - 20:34:01 ---A- C:\Documents And Settings\joannes\Favoris\Laposte.url [10183]

O61 - LFC:Last File Created 30/07/2010 - 20:39:07 ---A- C:\Documents And Settings\joannes\Cookies\joannes@moneytransfer.neteller[2].txt [222]

O61 - LFC:Last File Created 30/07/2010 - 20:44:39 ---A- C:\Documents And Settings\joannes\Application Data\Adobe\Acrobat\8.0\TMDocs.sav [36]

O61 - LFC:Last File Created 30/07/2010 - 20:44:39 ---A- C:\Documents And Settings\joannes\Application Data\Adobe\Acrobat\8.0\TMGrpPrm.sav [54]

O61 - LFC:Last File Created 30/07/2010 - 20:47:09 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www1.neteller[2].txt [83]

O61 - LFC:Last File Created 30/07/2010 - 20:50:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.neteller[2].txt [254]

O61 - LFC:Last File Created 30/07/2010 - 20:50:01 ---A- C:\Documents And Settings\joannes\Cookies\joannes@neteller[2].txt [100]

O61 - LFC:Last File Created 30/07/2010 - 20:50:49 ---A- C:\Documents And Settings\joannes\Cookies\joannes@test.coremetrics[2].txt [106]

O61 - LFC:Last File Created 30/07/2010 - 20:58:12 ---A- C:\Documents And Settings\joannes\Cookies\joannes@help-fr.neteller[1].txt [250]

O61 - LFC:Last File Created 30/07/2010 - 21:07:29 ---A- C:\Documents And Settings\joannes\Cookies\joannes@stats.wirecard[2].txt [137]

O61 - LFC:Last File Created 30/07/2010 - 21:11:57 -S-A- C:\Documents And Settings\joannes\Application Data\Microsoft\CryptnetUrlCache\Content\E0368BD38F9E8E14978A5E6E94D1ECDF [1512]

O61 - LFC:Last File Created 30/07/2010 - 21:11:57 -S-A- C:\Documents And Settings\joannes\Application Data\Microsoft\CryptnetUrlCache\MetaData\E0368BD38F9E8E14978A5E6E94D1ECDF [128]

O61 - LFC:Last File Created 30/07/2010 - 21:24:50 ---A- C:\Documents And Settings\joannes\Cookies\joannes@overture[1].txt [159]

O61 - LFC:Last File Created 30/07/2010 - 21:24:50 ---A- C:\Documents And Settings\joannes\Cookies\joannes@www.ask-ibs[1].txt [69]

O61 - LFC:Last File Created 30/07/2010 - 21:25:10 ---A- C:\Documents And Settings\joannes\Favoris\Moneybookers.com - kviqztnr1.url [267]

O61 - LFC:Last File Created 30/07/2010 - 21:28:17 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010073020100731\index.dat [81920]

O61 - LFC:Last File Created 30/07/2010 - 21:45:32 ---A- C:\Documents And Settings\joannes\Cookies\joannes@wc.everestgaming[2].txt [245]

O61 - LFC:Last File Created 30/07/2010 - 21:46:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@entropay[1].txt [359]

O61 - LFC:Last File Created 30/07/2010 - 21:46:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@escape.insites[1].txt [90]

O61 - LFC:Last File Created 30/07/2010 - 21:46:00 ---A- C:\Documents And Settings\joannes\Cookies\joannes@secure2.entropay[2].txt [647]

O61 - LFC:Last File Created 30/07/2010 - 21:48:57 ---A- C:\Documents And Settings\joannes\Cookies\joannes@moneybookers[1].txt [445]

O61 - LFC:Last File Created 31/07/2010 - 11:38:25 -SHA- C:\Documents And Settings\joannes\Local Settings\Historique\History.IE5\MSHist012010073120100801\index.dat [32768]

O61 - LFC:Last File Created 31/07/2010 - 11:43:36 -SHA- C:\Documents And Settings\joannes\Mes documents\numerique\73. 10-11 juillet\Thumbs.db [68608]

O61 - LFC:Last File Created 31/07/2010 - 11:46:18 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [18944]

O61 - LFC:Last File Created 31/07/2010 - 11:48:10 -SHA- C:\Documents And Settings\All Users\DRM\Cache\Indiv02.tmp [0]

O61 - LFC:Last File Created 31/07/2010 - 11:48:17 ---A- C:\Documents And Settings\joannes\Cookies\joannes@onlinestores.metaservices.microsoft[1].txt [147]

O61 - LFC:Last File Created 31/07/2010 - 11:48:18 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\wmplog00.sqm [1424]

O61 - LFC:Last File Created 31/07/2010 - 11:54:08 ---A- C:\Documents And Settings\joannes\Recent\MOV03344.lnk [431]

O61 - LFC:Last File Created 31/07/2010 - 11:54:09 ---A- C:\Documents And Settings\joannes\Recent\101MSDCF.lnk [308]

O61 - LFC:Last File Created 31/07/2010 - 11:55:33 -SHA- C:\Documents And Settings\All Users\DRM\drmstore.hds [200704]

O61 - LFC:Last File Created 31/07/2010 - 11:56:50 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Media Player\lastplayed.wpl [453]

O61 - LFC:Last File Created 31/07/2010 - 11:56:55 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb [5874]

O61 - LFC:Last File Created 31/07/2010 - 11:56:56 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb [5394432]

O61 - LFC:Last File Created 31/07/2010 - 11:56:56 ---A- C:\Documents And Settings\joannes\Local Settings\Temp\wmplog01.sqm [1424]

O61 - LFC:Last File Created 31/07/2010 - 11:57:30 ---A- C:\Documents And Settings\joannes\Application Data\Microsoft\Windows Live\Toolbar\Feeds\index.xml [650]

O61 - LFC:Last File Created 31/07/2010 - 11:57:32 ---A- C:\Documents And Settings\joannes\Cookies\joannes@facebook[1].txt [290]

O61 - LFC:Last File Created 31/07/2010 - 11:58:33 -SHA- C:\Documents And Settings\joannes\Mes documents\numerique\74. l'abricot\Thumbs.db [24576]

O61 - LFC:Last File Created 31/07/2010 - 12:01:57 ---A- C:\Documents And Settings\joannes\Recent\DSC03356.lnk [994]

O61 - LFC:Last File Created 31/07/2010 - 12:01:58 ---A- C:\Documents And Settings\joannes\Recent\75. 29 juillet 1ere séance de coiffeur.lnk [685]

O61 - LFC:Last File Created 31/07/2010 - 12:02:05 -SHA- C:\Documents And Settings\joannes\Mes documents\numerique\75. 29 juillet 1ere séance de coiffeur\Thumbs.db [59392]

O61 - LFC:Last File Created 31/07/2010 - 12:02:24 ---A- C:\Documents And Settings\joannes\Recent\74. l'abricot.lnk [560]

O61 - LFC:Last File Created 31/07/2010 - 12:02:24 ---A- C:\Documents And Settings\joannes\Recent\DSC03339.lnk [819]

O61 - LFC:Last File Created 31/07/2010 - 12:03:34 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Boîte de réception.dbx [1161840]

O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Boîte d'envoi.dbx [4319956]

O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Folders.dbx [74720]

O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Offline.dbx [9656]

O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Pop3uidl.dbx [9404]

O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Éléments envoyés.dbx [4333680]

O61 - LFC:Last File Created 31/07/2010 - 12:03:40 ---A- C:\Documents And Settings\joannes\Local Settings\Application Data\Identities\{6B321075-F734-473B-BA0F-9554D3D23D22}\Microsoft\Outlook Express\Éléments supprimés.dbx [387796]

O61 - LFC:Last File Created 31/07/2010 - 12:04:15 --HA- C:\Documents And Settings\joannes\Local Settings\Application Data\IconCache.db [5565778]

 

 

---\\ Alternate Data Stream File (ADS) (O62)

O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\TVModeLib.dll:Zone.Identifier

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - (.not file.) - 3a4e7e6a (3a4e7e6a) .(.Pas de propriétaire - Pas de description.) - LEGACY_3A4E7E6A

O64 - Services: CurCS - (.not file.) - 451d30fa (451d30fa) .(.Pas de propriétaire - Pas de description.) - LEGACY_451D30FA

O64 - Services: CurCS - C:\WINDOWS\system32\ASNDIS5.sys - ASNDIS5 Protocol Driver (ASNDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_ASNDIS5

O64 - Services: CurCS - (.not file.) - avgntflt (avgntflt) .(.Pas de propriétaire - Pas de description.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\drivers\bdfm.sys - BDFM (bdfm) .(.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Dri.) - LEGACY_BDFM

O64 - Services: CurCS - C:\Windows\system32\drivers\bdfsfltr.sys - bdfsfltr (bdfsfltr) .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR

O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys - bdftdif (bdftdif) .(.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - LEGACY_BDFTDIF

O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys - BDSelfPr (BDSelfPr) .(.BitDefender - BitDefender Self Protection Driver.) - LEGACY_BDSELFPR

O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys - BDVEDISK (BDVEDISK) .(.BitDefender - FileVault Disk Driver.) - LEGACY_BDVEDISK

O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH

O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL

O64 - Services: CurCS - (.not file.) - EraserUtilDrv10741 (EraserUtilDrv10741) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10741

O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILREBOOTDRV

O64 - Services: CurCS - C:\Program Files\MSI\Live Update 4\LU4\FLASHsys.sys - FLASHSYS (FLASHSYS) .(.Pas de propriétaire - Pas de description.) - LEGACY_FLASHSYS

O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT

O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe - BitDefender Desktop Update Service (LIVESRV) .(.BitDefender S.R.L. - BitDefender Update Service.) - LEGACY_LIVESRV

O64 - Services: CurCS - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service (maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mdc8021x.sys - AEGIS Protocol (IEEE 802.1x) v2.3.1.9 (MDC8021X) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_MDC8021X

O64 - Services: CurCS - (.not file.) - mountmgr (mountmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP

O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS

O64 - Services: CurCS - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 182.5.) - LEGACY_NVSVC

O64 - Services: CurCS - (.not file.) - PartMgr (PartMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_PARTMGR

O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys - Profos (Profos) .(.BitDefender S.R.L. - Profos Kernel Module.) - LEGACY_PROFOS

O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP

O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS

O64 - Services: CurCS - (.not file.) - SAVRTPEL (SAVRTPEL) .(.Pas de propriétaire - Pas de description.) - LEGACY_SAVRTPEL

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\drivers\sfdrv01.sys - StarForce Protection Environment Driver (version 1.x) (sfdrv01) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01

O64 - Services: CurCS - C:\Windows\system32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x) (sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02

O64 - Services: CurCS - C:\Windows\system32\drivers\sisidex.sys - sisidex (sisidex) .(.Windows ® 2000 DDK provider - SISIDEX Driver.) - LEGACY_SISIDEX

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe - SupportSoft RemoteAssist (SupportSoft RemoteAssist) .(.SupportSoft, Inc. - ssrc Module.) - LEGACY_SUPPORTSOFT_REMOTEASSIST

O64 - Services: CurCS - (.not file.) - SYMIDSCO (SYMIDSCO) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMIDSCO

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI

O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE

O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys - Trufos (Trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS

O64 - Services: CurCS - (.not file.) - Gestionnaire de téléchargement (uploadmgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_UPLOADMGR

O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe - BitDefender Virus Shield (VSSERV) .(.BitDefender S.R.L. - BitDefender Security Service.) - LEGACY_VSSERV

 

 

---\\ Liste des fichiers non signés (LUF) (O65)

O65 - LUF:17/05/2004 (.Pas de propriétaire - AegisInstall Application.) (2, 3, 1, 9) - c:\windows\system32\AegisI5.exe

O65 - LUF:20/08/2002 (.Pas de propriétaire - IDEproperty Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\IDEproperty.dll

O65 - LUF:17/03/2005 (.Pas de propriétaire - setuplib Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\setuplib.dll

O65 - LUF:17/03/2005 (.Pas de propriétaire - TVModeLib Dynamic Link Library.) (1, 0, 0, 1) - c:\windows\system32\TVModeLib.dll

 

 

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb

O66 - EventLog: ID=439 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk

O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk

O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\edb.log

O66 - EventLog: ID=490 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\CatRoot2\edb.chk

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

[HKCU\Software\Microsoft\Internet Explorer\MenuExt\E&xporter vers Microsoft Excel]

O69 - SBI: SearchScopes {05EEC121-5BEB-4A00-8B2A-AEC38B987241}- (Wikipedia (en)) - http://en.wikipedia.org

O69 - SBI: SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A}- (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes {3D60FDCD-0B78-48BD-88C8-EDEDA746855C}- (Google) - Google

O69 - SBI: SearchScopes {570E00E6-B32E-414B-9B4D-188248677B1F}- (Youtube) - http://www.youtube.com

O69 - SBI: SearchScopes {8ABC3C14-2C17-4B68-BE60-185185FBD1C0} [DefaultScope] - (Google Skynet) - Skynet.be - LE portail belge – DE Belgische portaalsite!

O69 - SBI: SearchScopes {DDFB46EA-5894-4C6D-A44E-980690A900FB}- (Blogs) - Skynet.be - LE portail belge – DE Belgische portaalsite!

 

 

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by joannes at 01/08/2010 22:58:16

device: opened successfully

user: MBR read successfully

called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys siside.sys PCIIDEX.SYS

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\appmgmts.dll [0]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [42496]

O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\System32\cryptsvc.dll [62464]

O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\System32\dmserver.dll [24576]

O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\System32\dhcpcsvc.dll [127488]

O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\System32\ersvc.dll [23040]

O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\System32\es.dll [253952]

O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: HidServ (HidServ) . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\hidserv.dll [0]

O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [96768]

O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\System32\netman.dll [198144]

O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\System32\mswsock.dll [247808]

O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [88576]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [186368]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [53248]

O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]

O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\System32\seclogon.dll [18944]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [332800]

O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\System32\srsvc.dll [171520]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\WINDOWS\System32\tapisrv.dll [249856]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]

O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\System32\w32time.dll [178176]

O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\System32\wzcsvc.dll [483840]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\System32\termsrv.dll [297984]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [135680]

O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]

O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\System32\xmlprov.dll [129024]

O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]

O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136]

O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\System32\qagentrt.dll [293376]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [61440]

 

 

 

End of the scan (1110 lines in 17mn 41s)(0)

Posted

Good evening,

There is no visible infection.

We are going to check that there is no hidden infection:

 

Download GMER

- Click the "Download EXE" button.

- Save it to the Desktop.

- Paste and save these instructions in a text file, or print them, because you will have to close the browser.

Before using GMER, please disable your antivirus and antispyware, otherwise it may crash.

- Close any open browser windows.

- Launch the downloaded file by double-clicking it (its name consists of 8 random digits/letters).

- If the tool shows a rootkit activity warning and asks to run a scan, click "NO".

- In the right-hand section of the tool's window, make sure the following options are unchecked:

Show All

Check only "Sections" and "Files".

- Click the "Scan" button and wait (this can take 10 minutes or more).

GMER may sometimes crash for no apparent reason.

You can try this: uncheck "Devices" first and run the tool again;

if it still gets stuck, also uncheck "Files" and try a scan again.

When the scan information is displayed, the items detected as rootkits appear in red in each section.

The Copy button lets you retrieve the result so that you can copy and paste it.

The Save button saves the report to your disk in text format.

 

 

In any case, here are a few things that may bring an improvement:

DNS and Hosts file

If, as is often recommended, you have optimized your Hosts file to protect yourself from dangerous sites,

you absolutely must disable the DNS Client service.

 

Clean up XP: empty the temporary files (CCleaner)

Download CCleaner

and install it.

During installation, remember to uncheck the Yahoo toolbar, which is discreetly offered alongside CCleaner.

Launch it by double-clicking CCleaner.exe.

-=Deleting temporary files=-

* In the "Options" section in the left margin, go to "Advanced" and uncheck "Only delete files in the Windows Temp folder older than 24 hours".

In the "Cleaner" section:

* Check all the boxes in the left margin for Internet Explorer and Windows Explorer.

Do the same for System, except the last 2.

Under Advanced, check only the last 3.

* Click Analyze.

* The scan may take a little while if it is the first time.

* Once the scan has finished, click Run Cleaner.

Avoid using the Registry cleaner, which, to gain you a few microseconds, risks destabilizing your system.

Delete unnecessary files (EasyCleaner)

Download EasyCleaner by Toni Helenius

Never use the "Duplicates" function.

Click "Unnecessary".

Defragment: MyDefrag, PowerDefrag, AuslogicDefrag (free and effective)

 

 

Check UDMA

Windows may be recognizing the primary IDE channel in PIO mode instead of Ultra DMA following several disk errors.

Do this:

My Computer -> your disk -> Properties -> Tools -> Check Now

or, if you prefer:

Start -> Run -> chkdsk /f/r

Then make a backup to be safe, and then:

My Computer -> Properties -> Hardware -> Device Manager ->

IDE ATA/ATAPI controllers -> Primary IDE Channel -> Properties -> Advanced Settings

If the current transfer mode is PIO instead of UDMA, click the Driver tab -> Uninstall.

Then restart your machine.

 

 

Disable file indexing

My Computer -> right-click each of the hard disk partitions.

Go to Properties and uncheck "Allow indexing of this disk".

Click Apply, then OK.

A new window will open and you will need to select "Apply to all subfolders and files".

You also need to disable the corresponding service:

To do so, go to the Control Panel and click Administrative Tools.

Then click Services and look in the Name column for Indexing Service.

Double-click it.

Under Startup type, choose "Disabled".

To remove it permanently:

Copy and paste into Notepad.

Save as Serv.bat on the Desktop.

Double-click to run it.

@echo Suppression du Service
rem Stop the Indexing Service (cisvc), then delete its service entry
sc stop cisvc
sc delete cisvc
cd c:\
cd windows
cd system32
rem Delete the service executable
del /f /s /q C:\WINDOWS\System32\cisvc.exe

 

Jqs.exe is part of Java Platform SE 6 U5 from Sun Microsystems, Inc.

It is installed by default in recent versions and is supposed to improve the opening of the most frequently visited sites by putting their link in prefetch.

However, its cost in system resources and memory outweighs the benefit gained in everyday use.

To uninstall it:

Control Panel -> Java -> Advanced -> Miscellaneous

Uncheck Java Quick Starter -> Apply -> OK.

Posted

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-02 09:02:54

Windows 5.1.2600 Service Pack 3

Running: 60tbf5ux.exe; Driver: C:\DOCUME~1\joannes\LOCALS~1\Temp\uwlirfoc.sys

 

 

---- Kernel code sections - GMER 1.0.15 ----

 

.text ntoskrnl.exe!_abnormal_termination + 40C 804E2A78 4 Bytes CALL 8C07DC98

.text ntoskrnl.exe!_abnormal_termination + 440 804E2AAC 12 Bytes [44, 19, B2, B9, A6, 18, B2, ...] {INC ESP; SBB [EDX-0x4de75947], ESI; MOV ECX, 0xb9b21dac}

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF7EBB380, 0x34C81F, 0xE8000020]

 

---- User code sections - GMER 1.0.15 ----

 

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB1C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F5480F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F54741 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F547AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F54612 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F54674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F54872 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[1812] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F546D6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59AC9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4D0ED C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB1C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC467C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F5480F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F54741 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F547AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F54612 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F54674 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F54872 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F546D6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5DB78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F54B77 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!getaddrinfo 719F2A6F 5 Bytes JMP 46CAE71D C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!closesocket 719F3E2B 5 Bytes JMP 46CAEEE9 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!socket 719F4211 5 Bytes JMP 46CAE59E C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!connect 719F4A07 5 Bytes JMP 46CAE62A C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!send 719F4C27 5 Bytes JMP 46CAE9ED C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3152] ws2_32.dll!recv 719F676F 5 Bytes JMP 46CAF1C3 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

 

---- EOF - GMER 1.0.15 ----

 

 

 

 

CCleaner OK

easy, I'm going to do it
