Backdoor impossible to remove, help
dani30
Hello,
Can someone tell me how to remove a virus from my computer? Here is my antivirus scan result:
Logiciel malveillant détecté "BiFrost" (Backdoor) in hkey_users\s-1-5-21-1154080021-2091711199-810702523-1001\software\bifrost
My antivirus detects it and removes it, but every time I restart and run a scan again, the virus comes back.
My antivirus is Outpost Security Suite; it is the same with Spybot and Malwarebytes: they all detect it and remove it, but it comes back.
Please help.
Configuration: Windows 7
12 replies
Hello
Download USBFIX by El Desaparecido, C_xx
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
or
https://www.ionos.fr/?affiliate_id=77097
/!\ Vista and Windows 7 users:
do not forget to disable User Account Control
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac
/!\ Plug your external data sources that may have been infected (USB key, external hard drive, etc.) into your PC, without opening them
* Double-click the UsbFix shortcut on the desktop.
* Choose the "Recherche" (Search) option
(other options are available, see the tutorial).
* Let the tool work.
* Then post the UsbFix.txt report that appears.
* Note: The UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )
* Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
* Tutorial: http://pagesperso-orange.fr/NosTools/usbfix.html
Hello again
I forgot to tell you that I searched the registry without finding this key
Thank you for your help
Hello again
Here are the results of the scan
############################## | UsbFix 7.027 | [Recherche]
Utilisateur: dani (Administrateur) # DANI-PC [To Be Filled By O.E.M. To Be Filled By O.E.M.]
Mis à jour le 28/09/10 par El Desaparecido / C_XX
Lancé à 18:47:45 | 28/09/2010
Site Web: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com
CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 32-Bit) #
Internet Explorer 8.0.7600.16385
RAM -> 2303 Mo
C:\ (%systemdrive%) -> Disque fixe # 59 Go (32 Go libre(s) - 54%) [] # NTFS
D:\ -> Disque fixe # 89 Go (48 Go libre(s) - 54%) [] # NTFS
E:\ -> CD-ROM
################## | Éléments infectieux |
################## | Registre |
Présent! HKCU\Software\Bifrost
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
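An added example, not part of the thread and not UsbFix's own code: Python that reads the two tool outputs posted above and checks whether they point at the same registry key, given that HKCU is the logged-on user's view of HKEY_USERS\<SID>. It assumes the UsbFix search ran under the account whose SID appears in the antivirus line; all function names are illustrative.

```python
import re

# Constructed input: lines copied from the posts above (most of the report's
# system header lines are left out).
AV_LINE = r'Logiciel malveillant détecté "BiFrost" (Backdoor) in hkey_users\s-1-5-21-1154080021-2091711199-810702523-1001\software\bifrost'

USBFIX_REPORT = r"""
############################## | UsbFix 7.027 | [Recherche]
Lancé à 18:47:45 | 28/09/2010
################## | Éléments infectieux |
################## | Registre |
Présent! HKCU\Software\Bifrost
################## | Mountpoints2 |
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
"""

SECTION_RE = re.compile(r"^#+\s*\|\s*(.+?)\s*\|")
REG_PATH_RE = re.compile(r"\b(?:hkey_[a-z_]+|hkcu|hklm|hku)\\.+$", re.IGNORECASE)
SID_RE = re.compile(r"hkey_users\\(s-1-5-21(?:-\d+)+)", re.IGNORECASE)

HIVE_ALIASES = {
    "hkcu": "HKEY_CURRENT_USER", "hkey_current_user": "HKEY_CURRENT_USER",
    "hku": "HKEY_USERS", "hkey_users": "HKEY_USERS",
    "hklm": "HKEY_LOCAL_MACHINE", "hkey_local_machine": "HKEY_LOCAL_MACHINE",
}


def parse_usbfix_sections(text):
    """Split a UsbFix report into {section title: [lines]} in report order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def empty_sections(sections):
    """Titles of report sections that list nothing (the end marker is skipped)."""
    return [name for name, lines in sections.items()
            if not lines and name != "E.O.F"]


def canonical_key(path, user_sid):
    """Lower-cased full key path, with HKCU rewritten as HKEY_USERS plus the SID."""
    hive, _, rest = path.strip().partition("\\")
    hive = HIVE_ALIASES.get(hive.lower(), hive.upper())
    if hive == "HKEY_CURRENT_USER":
        # Assumption: the report was produced under the account with this SID.
        hive = "HKEY_USERS"
        rest = user_sid + ("\\" + rest if rest else "")
    return (hive + ("\\" + rest if rest else "")).lower()


def registry_findings(av_line, usbfix_text):
    """Map each canonical registry key to the set of tools that reported it."""
    sid_match = SID_RE.search(av_line)
    if not sid_match:
        raise ValueError("no user SID found in the antivirus line")
    sid = sid_match.group(1)

    findings = {}
    av_key = REG_PATH_RE.search(av_line)
    if av_key:
        findings.setdefault(canonical_key(av_key.group(0), sid), set()).add("antivirus")

    for line in parse_usbfix_sections(usbfix_text).get("Registre", []):
        key = REG_PATH_RE.search(line)
        if key and line.startswith("Présent!"):
            findings.setdefault(canonical_key(key.group(0), sid), set()).add("UsbFix")
    return findings


if __name__ == "__main__":
    for key, tools in registry_findings(AV_LINE, USBFIX_REPORT).items():
        print(key, "<-", ", ".join(sorted(tools)))
    print("empty sections:", empty_sections(parse_usbfix_sections(USBFIX_REPORT)))
```

On the posted data this gives a single key reported by both tools, with nothing listed under "Éléments infectieux" or "Mountpoints2": the two outputs name a registry key but no file or process.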
HijackThis report
info.txt logfile of random's system information tool 1.08 2010-09-29 11:25:47
======Uninstall list======
4Story 3.4.1-->"C:\Program Files\Gameforge4D\4Story\unins000.exe"
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader 9.3.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Balabolka-->C:\Program Files\Balabolka\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CyberLink PhotoNow-->"C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" /z-uninstall
CyberLink PhotoNow-->"C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" /z-uninstall
CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{52CDDA92-56B6-4BA5-BD8D-E13B186008CB}
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{8A1600D2-B038-4F73-851E-946B0155810E}" "1036" "0"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Media Player Classic - Home Cinema v1.4.2499.0-->"C:\Program Files\Media Player Classic - Home Cinema\unins000.exe"
Microsoft .NET Framework 4 Client Profile FRA Language Pack-->MsiExec.exe /X{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office Access MUI (French) 2010-->MsiExec.exe /X{90140000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2010-->MsiExec.exe /X{90140000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2010-->MsiExec.exe /X{90140000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2010-->MsiExec.exe /X{90140000-0044-040C-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2010-->MsiExec.exe /X{90140000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2010-->MsiExec.exe /X{90140000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2010-->MsiExec.exe /X{90140000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Professionnel Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Proof (Arabic) 2010-->MsiExec.exe /X{90140000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2010-->MsiExec.exe /X{90140000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2010-->MsiExec.exe /X{90140000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2010-->MsiExec.exe /X{90140000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2010-->MsiExec.exe /X{90140000-001B-040C-0000-0000000FF1CE}
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit-->MsiExec.exe /X{95140000-007D-0409-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mise à jour pour Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-040C-0000-0000000FF1CE}" "{05F22669-0926-4C2B-B2F8-0E8FEFED7AD5}" "1036" "0"
Module linguistique Microsoft .NET Framework 4 Client Profile FRA-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1036 /parameterfolder ClientLP
Mozilla Firefox 4.0b6 (x86 fr)-->C:\Program Files\Mozilla Firefox 4.0 Beta 6\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscCopy Gadget 10-->MsiExec.exe /X{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}
Nero DiscCopyGadget 10 Help (CHM)-->MsiExec.exe /X{5F548A02-80BC-404D-BAE6-F05F9BF6B449}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
Outpost Security Suite Pro 7.0.3-->"C:\Program Files\Agnitum\Outpost Security Suite Pro\unins000.exe"
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Philips SPC220NC Webcam-->C:\Program Files\InstallShield Installation Information\{6CC0CB79-C873-404A-820B-248934D04191}\setup.exe -runfromtemp -l0x040c -removeonly
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RealSpeak Solo pour la voix francaise Virginie-->MsiExec.exe /I{58B0F3ED-6FAE-486C-9AB9-1C06514097B4}
SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Snagit 9.1.1-->MsiExec.exe /I{F20A984B-9B30-4A9E-A3AC-918AF0D85A48}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1036" "0"
Update for Microsoft OneNote 2010 (KB2288640)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{521AB5E8-5FFF-45C8-B750-6967F8C0A2B9}" "1036" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1036" "0"
UsbFix By El Desaparecido & C_XX-->"C:\UsbFix\Un-UsbFix.exe"
VLC media player 1.1.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe"
Windows Live Bêta-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Bêta-->MsiExec.exe /I{F196BCB8-1F5D-4F56-AD51-9E911D507BAB}
Windows Live Communications Platform-->MsiExec.exe /I{54488589-76BC-4A3F-AC4F-71EBAD657850}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{00450E05-6F4C-42E5-9598-02CF18378FEA}
Windows Live Installer-->MsiExec.exe /I{C0A30BAA-295D-4F7F-8776-FD09FD57E2E2}
Windows Live Messenger-->MsiExec.exe /X{19DD26A7-F0DD-472E-887F-44128C31163C}
Windows Live Messenger-->MsiExec.exe /X{79347C9E-3647-4542-845A-62F3914083BA}
Windows Live Photo Common Beta-->MsiExec.exe /X{3A81D825-184F-4ED4-9B1F-8E7E40B63617}
Windows Live Photo Common-->MsiExec.exe /X{41A15ABD-081B-43DC-91A5-8727265E8D77}
Windows Live PIMT Platform-->MsiExec.exe /I{66069562-D3AF-4515-B1FD-7EE4DE5CE7D2}
Windows Live SOXE Definitions-->MsiExec.exe /I{91973772-A002-446D-8A67-B410553AD8F9}
Windows Live SOXE-->MsiExec.exe /I{4F88F5D8-767A-4EB4-9AFA-A7CBCC69D767}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D40C773-18B8-4521-8D3C-2C9DD6EF1303}
Windows Live UX Platform-->MsiExec.exe /I{7E432D8D-D78A-44A8-9FE8-B8942F7FD01F}
Your Uninstaller! 2010-->"C:\Program Files\Your Uninstaller 2010\unins000.exe"
======Hosts File======
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 sa.windows.com
127.0.0.1 se.windows.com
127.0.0.1 ie.search.msn.com
127.0.0.1 wustat.windows.com
127.0.0.1 wutrack.windows.com
======System event log======
Computer Name: dani-PC
Event Code: 6
Message: Certaines fonctionnalités de gestion de l'alimentation relatives aux performances du processeur ont été désactivées en raison d'un problème connu avec le microprogramme. Contactez le fabricant de l'ordinateur pour obtenir la mise à jour du microprogramme.
Record Number: 813
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20100924151313.687500-000
Event Type: Erreur
User: AUTORITE NT\Système
Computer Name: dani-PC
Event Code: 6
Message: Certaines fonctionnalités de gestion de l'alimentation relatives aux performances du processeur ont été désactivées en raison d'un problème connu avec le microprogramme. Contactez le fabricant de l'ordinateur pour obtenir la mise à jour du microprogramme.
Record Number: 565
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20100924145151.062500-000
Event Type: Erreur
User: AUTORITE NT\Système
Computer Name: dani-PC
Event Code: 7000
Message: Le service Service Moniteur infrarouge n'a pas pu démarrer en raison de l'erreur :
Le client ne dispose pas d'un privilège nécessaire.
Record Number: 512
Source Name: Service Control Manager
Time Written: 20100924145055.373773-000
Event Type: Erreur
User:
Computer Name: dani-PC
Event Code: 6
Message: Certaines fonctionnalités de gestion de l'alimentation relatives aux performances du processeur ont été désactivées en raison d'un problème connu avec le microprogramme. Contactez le fabricant de l'ordinateur pour obtenir la mise à jour du microprogramme.
Record Number: 396
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20100924144610.765625-000
Event Type: Erreur
User: AUTORITE NT\Système
Computer Name: 37L4247D28-05
Event Code: 6
Message: Certaines fonctionnalités de gestion de l'alimentation relatives aux performances du processeur ont été désactivées en raison d'un problème connu avec le microprogramme. Contactez le fabricant de l'ordinateur pour obtenir la mise à jour du microprogramme.
Record Number: 25
Source Name: Microsoft-Windows-Kernel-Processor-Power
Time Written: 20100924144151.343750-000
Event Type: Erreur
User: AUTORITE NT\Système
=====Application event log=====
Computer Name: dani-PC
Event Code: 1014
Message: L'acquisition de la licence d'utilisateur final a échoué. hr=0xC004C016
Id Sku=5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
Record Number: 201
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100924145544.000000-000
Event Type: Erreur
User:
Computer Name: dani-PC
Event Code: 8200
Message: Détails de l'échec d'acquisition de la licence.
hr=0xC004C016
Record Number: 200
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20100924145544.000000-000
Event Type: Erreur
User:
Computer Name: dani-PC
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1154080021-2091711199-810702523-1001:
Process 428 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1154080021-2091711199-810702523-1001
Record Number: 169
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100924145107.034906-000
Event Type: Avertissement
User: AUTORITE NT\Système
Computer Name: dani-PC
Event Code: 1008
Message: Le service Windows Search démarre et tente de supprimer l'ancien index de recherche {Raison : Réinitialisation totale de l'index}.
Record Number: 128
Source Name: Microsoft-Windows-Search
Time Written: 20100924144857.000000-000
Event Type: Avertissement
User:
Computer Name: dani-PC
Event Code: 11
Message: Fuite de mémoire possible. L'application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID : 1004) a transmis un pointeur non NULL à RPC pour un paramètre [out] marqué [allocate(all_nodes)]. Les paramètres [allocate(all_nodes)] sont toujours réaffectés ; si le pointeur initial contenait une adresse mémoire valide, cela entraînerait une fuite de cette mémoire. L'appel provenait de l'interface avec l'UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Numéro de méthode (10). Action utilisateur : contactez le fournisseur de l'application pour obtenir une version mise à jour.
Record Number: 127
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20100924144847.546625-000
Event Type: Avertissement
User: AUTORITE NT\SERVICE LOCAL
=====Security event log=====
Computer Name: 37L4247D28-05
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : Système
Domaine du compte : AUTORITE NT
ID d'ouverture de session : 0x3e7
Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924144221.750000-000
Event Type: Succès de l'audit
User:
Computer Name: 37L4247D28-05
Event Code: 4624
Message: L'ouverture de session d'un compte s'est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : 37L4247D28-05$
Domaine du compte : WORKGROUP
ID d'ouverture de session : 0x3e7
Type d'ouverture de session : 5
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : Système
Domaine du compte : AUTORITE NT
ID d'ouverture de session : 0x3e7
GUID d'ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x1bc
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -
Informations détaillées sur l'authentification :
Processus d'ouverture de session : Advapi
Package d'authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d'une ouverture de session. Il est généré sur l'ordinateur sur lequel l'ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l'ouverture de session. Il s'agit le plus souvent d'un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d'ouverture de session indique le type d'ouverture de session qui s'est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s'est connecté.
Les champs relatifs au réseau indiquent la provenance d'une demande d'ouverture de session à distance. Le nom de la station de travail n'étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d'authentification fournissent des détails sur cette demande d'ouverture de session spécifique.
- Le GUID d'ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d'ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n'a été demandée.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924144221.750000-000
Event Type: Succès de l'audit
User:
Computer Name: 37L4247D28-05
Event Code: 4902
Message: La table de stratégie d'audit par utilisateur a été créée.
Nombre d'éléments : 0
ID de la stratégie : 0x23eaf
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924144211.609375-000
Event Type: Succès de l'audit
User:
Computer Name: 37L4247D28-05
Event Code: 4624
Message: L'ouverture de session d'un compte s'est correctement déroulée.
Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d'ouverture de session : 0x0
Type d'ouverture de session : 0
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : Système
Domaine du compte : AUTORITE NT
ID d'ouverture de session : 0x3e7
GUID d'ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x4
Nom du processus :
Informations sur le réseau :
Nom de la station de travail : -
Adresse du réseau source : -
Port source : -
Informations détaillées sur l'authentification :
Processus d'ouverture de session : -
Package d'authentification : -
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d'une ouverture de session. Il est généré sur l'ordinateur sur lequel l'ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l'ouverture de session. Il s'agit le plus souvent d'un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d'ouverture de session indique le type d'ouverture de session qui s'est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s'est connecté.
Les champs relatifs au réseau indiquent la provenance d'une demande d'ouverture de session à distance. Le nom de la station de travail n'étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d'authentification fournissent des détails sur cette demande d'ouverture de session spécifique.
- Le GUID d'ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d'ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n'a été demandée.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924144208.921875-000
Event Type: Succès de l'audit
User:
Computer Name: 37L4247D28-05
Event Code: 4608
Message: Windows démarre.
Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d'audit est initialisé.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100924144208.828125-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4b02
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by dani at 2010-09-29 11:25:29
Microsoft Windows 7 Édition Familiale Premium
System drive C: has 33 GB (54%) free of 61 GB
Total RAM: 2303 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:25:44, on 29/09/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Agnitum\Outpost Security Suite Pro\op_mon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\dani\Downloads\RSIT.exe
C:\Program Files\trend micro\dani.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [{56211EC0-E2CF-CDEC-6469-6A8A0A9B5767}] C:\Users\dani\AppData\Roaming\langg\svhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
Run by dani at 2010-09-29 11:25:29
Microsoft Windows 7 Édition Familiale Premium
System drive C: has 33 GB (54%) free of 61 GB
Total RAM: 2303 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:25:44, on 29/09/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Agnitum\Outpost Security Suite Pro\op_mon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\dani\Downloads\RSIT.exe
C:\Program Files\trend micro\dani.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [{56211EC0-E2CF-CDEC-6469-6A8A0A9B5767}] C:\Users\dani\AppData\Roaming\langg\svhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
Thanks for your reply,
but I tried without success; even the antivirus programs delete it, but it comes back at every restart.
Another report, from OTL:
OTL logfile created on: 29/09/2010 11:50:14 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\dani\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,47 Gb Total Space | 32,33 Gb Free Space | 54,36% Space Free | Partition Type: NTFS
Drive D: | 89,48 Gb Total Space | 47,91 Gb Free Space | 53,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DANI-PC
Current User Name: dani
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/09/29 11:50:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\dani\Downloads\OTL.exe
PRC - [2010/09/21 07:40:50 | 000,977,976 | ---- | M] (Google Inc.) -- C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/09/03 11:51:42 | 002,840,432 | ---- | M] (Agnitum Ltd.) -- C:\Program Files\Agnitum\Outpost Security Suite Pro\op_mon.exe
PRC - [2010/09/03 11:51:36 | 002,035,520 | ---- | M] (Agnitum Ltd.) -- C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
PRC - [2010/07/29 21:39:20 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2010/07/29 21:39:20 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (SafeList) ==========
MOD - [2010/09/29 11:50:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\dani\Downloads\OTL.exe
MOD - [2010/08/27 11:40:50 | 000,701,456 | ---- | M] (Agnitum Ltd.) -- c:\progra~1\agnitum\outpos~1\wl_hook.dll
MOD - [2009/07/14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/09/24 17:47:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/09/03 11:51:36 | 002,035,520 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe -- (acssrv)
SRV - [2010/07/29 21:39:20 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/07/14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/07/14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d'installation ActiveX (AxInstSV)
SRV - [2009/07/14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2010/09/24 17:44:45 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/08/13 11:48:44 | 000,713,672 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox)
DRV - [2010/08/13 11:48:06 | 000,036,168 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Filt\VBFilt.dll -- (VBFilt)
DRV - [2010/08/13 11:48:02 | 000,072,232 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Filt\ASWFilt.dll -- (ASWFilt)
DRV - [2010/08/11 18:19:48 | 000,328,296 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2010/07/10 00:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/06/09 09:44:20 | 000,241,088 | ---- | M] (VirusBuster Kft.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBEngNT.sys -- (VBEngNT)
DRV - [2010/04/20 16:01:46 | 000,034,920 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw)
DRV - [2009/12/11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2008/01/19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/11/18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/05/16 18:05:28 | 000,507,648 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SPC220NC.SYS -- (SPC220NC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 C8 7A 7A FA 5B CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPage = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010/09/26 17:37:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins
[2010/09/26 17:37:50 | 000,000,000 | ---D | M] -- C:\Users\dani\AppData\Roaming\mozilla\Extensions
[2010/09/26 17:51:18 | 000,000,000 | ---D | M] -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\s72eu6d1.default\extensions
[2010/09/26 17:51:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\s72eu6d1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
O1 HOSTS File: ([2010/09/25 09:11:04 | 000,000,627 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 sa.windows.com
O1 - Hosts: 127.0.0.1 se.windows.com
O1 - Hosts: 127.0.0.1 ie.search.msn.com
O1 - Hosts: 127.0.0.1 wustat.windows.com
O1 - Hosts: 127.0.0.1 wutrack.windows.com
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Programmes\Agnitum\Outpost Security Suite Pro\op_mon.exe File not found
O4 - HKCU..\Run: [{56211EC0-E2CF-CDEC-6469-6A8A0A9B5767}] C:\Users\dani\AppData\Roaming\langg\svhost.exe (system)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\progra~1\agnitum\outpos~1\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/09/29 11:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/09/29 11:25:29 | 000,000,000 | ---D | C] -- C:\rsit
[2010/09/28 18:46:45 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/09/28 16:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/09/28 16:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/09/28 15:40:02 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/09/28 15:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\PowerStrip
[2010/09/28 15:08:33 | 000,000,000 | ---D | C] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2010/09/28 13:24:45 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Malwarebytes
[2010/09/28 13:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/28 13:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/28 09:49:23 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\Nero
[2010/09/28 09:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/09/27 22:39:05 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\NeroVision
[2010/09/27 22:27:42 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Nero_AG
[2010/09/27 22:27:01 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Nero
[2010/09/27 22:23:20 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Nero
[2010/09/27 22:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/09/27 22:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/09/27 22:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/09/27 08:15:17 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\appartement a vendre
[2010/09/26 17:37:37 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Mozilla
[2010/09/26 17:37:37 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Mozilla
[2010/09/26 17:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6
[2010/09/25 17:06:15 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010/09/25 17:06:15 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010/09/25 17:06:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010/09/25 17:06:14 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010/09/25 17:06:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010/09/25 17:06:14 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010/09/25 17:06:14 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010/09/25 17:06:13 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010/09/25 17:06:13 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010/09/25 17:06:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010/09/25 17:06:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010/09/25 17:06:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010/09/25 17:06:12 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/09/25 17:06:12 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/09/25 17:06:11 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/09/25 17:06:11 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/09/25 17:06:11 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/09/25 17:06:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/09/25 17:06:10 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/09/25 17:06:10 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/09/25 17:06:10 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/09/25 17:06:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/09/25 17:06:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/09/25 17:06:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/09/25 17:06:09 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/09/25 17:06:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/09/25 17:06:08 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/09/25 17:06:08 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/09/25 17:06:08 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/09/25 17:06:08 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/09/25 17:06:07 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/09/25 17:06:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/09/25 17:06:07 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/09/25 17:06:07 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/09/25 17:06:06 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/09/25 17:06:06 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/09/25 17:06:06 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/09/25 17:06:05 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/09/25 17:06:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/09/25 17:06:05 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/09/25 17:06:05 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/09/25 17:06:04 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/09/25 17:06:04 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/09/25 17:06:04 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/09/25 17:06:04 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/09/25 17:06:03 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/09/25 17:06:03 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/09/25 17:06:03 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/09/25 17:06:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/09/25 17:06:03 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/09/25 17:06:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/09/25 17:06:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/09/25 17:06:02 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/09/25 17:06:01 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/09/25 17:06:00 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/09/25 17:06:00 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/09/25 17:06:00 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/09/25 17:06:00 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/09/25 17:05:59 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/09/25 17:05:59 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/09/25 17:05:59 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/09/25 17:05:59 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/09/25 17:05:59 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/09/25 17:05:58 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/09/25 17:05:58 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/09/25 17:05:57 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/09/25 17:05:57 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/09/25 17:05:57 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/09/25 17:05:57 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/09/25 17:05:56 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/09/25 17:05:56 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/09/25 17:05:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/09/25 17:05:55 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/09/25 17:05:55 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/09/25 17:05:55 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/09/25 17:05:54 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/09/25 17:05:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/09/25 17:05:54 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/09/25 17:05:53 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/09/25 17:05:53 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/09/25 17:05:50 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/09/25 17:05:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/09/25 17:05:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/09/25 17:05:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/09/25 17:05:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/09/25 17:05:49 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/09/25 17:05:49 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/09/25 17:05:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/09/25 17:05:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/09/25 17:04:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/09/25 16:56:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/09/25 16:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/09/25 16:56:05 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/09/25 16:56:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/09/25 16:56:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/09/25 16:56:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/09/25 16:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/09/25 16:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Classic - Home Cinema
[2010/09/25 16:37:16 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Media Player Classic
[2010/09/25 16:29:23 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\Snagit
[2010/09/25 16:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2010/09/25 16:28:36 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\TechSmith
[2010/09/25 16:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2010/09/25 02:41:12 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/09/25 02:40:58 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/09/25 00:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\Fraps
[2010/09/25 00:00:11 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\Balabolka
[2010/09/24 21:56:21 | 001,073,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2010/09/24 21:56:21 | 000,753,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2010/09/24 21:56:21 | 000,413,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2010/09/24 21:56:21 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010/09/24 21:54:58 | 003,600,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvsr.dll
[2010/09/24 21:54:58 | 002,416,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwssr.dll
[2010/09/24 21:54:58 | 002,330,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwss.dll
[2010/09/24 21:54:58 | 001,501,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010/09/24 21:54:57 | 003,518,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvs.dll
[2010/09/24 21:54:57 | 003,321,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgames.dll
[2010/09/24 21:54:57 | 003,072,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgamesr.dll
[2010/09/24 21:54:57 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmoblsr.dll
[2010/09/24 21:54:57 | 001,142,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmobls.dll
[2010/09/24 21:54:57 | 000,604,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010/09/24 21:54:57 | 000,604,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2010/09/24 21:54:57 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccssr.dll
[2010/09/24 21:54:57 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccs.dll
[2010/09/24 21:54:57 | 000,188,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccss.dll
[2010/09/24 21:54:57 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccsrs.dll
[2010/09/24 21:54:56 | 006,234,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdisps.dll
[2010/09/24 21:54:56 | 005,455,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispsr.dll
[2010/09/24 21:54:55 | 000,147,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcolor.exe
[2010/09/24 21:54:55 | 000,037,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod100.dll
[2010/09/24 21:39:46 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\ALLCapture
[2010/09/24 21:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge4D
[2010/09/24 20:47:41 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\WebcamMax
[2010/09/24 20:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\WebcamMax
[2010/09/24 20:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\WebcamMax
[2010/09/24 20:46:14 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\langg
[2010/09/24 20:28:33 | 000,713,672 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\SandBox.sys
[2010/09/24 20:28:33 | 000,241,088 | ---- | C] (VirusBuster Kft.) -- C:\Windows\System32\drivers\VBEngNT.sys
[2010/09/24 20:28:27 | 000,328,296 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afwcore.sys
[2010/09/24 20:27:38 | 000,034,920 | ---- | C] (Agnitum Ltd.) -- C:\Windows\System32\drivers\afw.sys
[2010/09/24 20:27:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\Filt
[2010/09/24 20:27:23 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Agnitum
[2010/09/24 20:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\Agnitum
[2010/09/24 20:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum
[2010/09/24 20:09:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/09/24 19:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/09/24 19:38:25 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2010/09/24 19:37:28 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Hunspell
[2010/09/24 19:37:24 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Balabolka
[2010/09/24 19:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\Balabolka
[2010/09/24 19:30:18 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\Mes fichiers reçus
[2010/09/24 19:29:28 | 000,000,000 | ---D | C] -- C:\Users\dani\Tracing
[2010/09/24 19:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/09/24 19:20:23 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010/09/24 19:20:23 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010/09/24 19:20:23 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010/09/24 19:19:15 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Windows Live
[2010/09/24 19:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/09/24 19:16:25 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\vlc
[2010/09/24 19:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/09/24 19:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/09/24 19:11:54 | 000,507,648 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\System32\drivers\SPC220NC.SYS
[2010/09/24 19:11:54 | 000,135,680 | ---- | C] (PixArt Imaging Incorporation) -- C:\Windows\System32\SPC220NC.AX
[2010/09/24 19:11:54 | 000,006,656 | ---- | C] (PixArt Imaging Inc.) -- C:\Windows\System32\CoInst.dll
[2010/09/24 19:11:54 | 000,000,000 | ---D | C] -- C:\Windows\Philips
[2010/09/24 19:11:54 | 000,000,000 | ---D | C] -- C:\Program Files\Philips
[2010/09/24 19:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010/09/24 19:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/09/24 19:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/09/24 19:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/09/24 19:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/09/24 19:00:04 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Adobe
[2010/09/24 18:49:00 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\CyberLink
[2010/09/24 18:48:45 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\CyberLink
[2010/09/24 18:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/09/24 18:40:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/09/24 18:35:31 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/09/24 18:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2010/09/24 18:35:29 | 000,000,000 | ---D | C] -- C:\Program Files\SmartSound Software
[2010/09/24 18:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/09/24 18:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/24 18:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/09/24 18:34:40 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Apple
[2010/09/24 18:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/09/24 18:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/09/24 18:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/09/24 18:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010/09/24 18:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/09/24 18:24:40 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/09/24 18:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/09/24 18:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2010/09/24 18:22:49 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Microsoft Help
[2010/09/24 18:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/09/24 18:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/09/24 18:22:37 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/09/24 18:18:12 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\WinRAR
[2010/09/24 18:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/09/24 18:05:06 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Google
[2010/09/24 18:04:51 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Deployment
[2010/09/24 18:04:51 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Apps
[2010/09/24 17:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/09/24 17:47:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010/09/24 17:45:30 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvusmu.exe
[2010/09/24 17:45:28 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvusmb.exe
[2010/09/24 17:45:01 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\InstallShield
[2010/09/24 17:42:42 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2010/09/24 17:36:35 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010/09/24 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\URSoft
[2010/09/24 17:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/09/24 17:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Your Uninstaller 2010
[2010/09/24 17:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/09/24 17:18:31 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/09/24 17:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/09/24 17:17:53 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010/09/24 17:17:53 | 011,008,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010/09/24 17:17:53 | 000,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2010/09/24 17:17:53 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/09/24 17:17:53 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010/09/24 17:17:51 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010/09/24 17:17:51 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010/09/24 17:17:51 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010/09/24 17:17:51 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010/09/24 17:17:51 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010/09/24 17:17:51 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll
[2010/09/24 17:17:51 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010/09/24 17:17:49 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010/09/24 17:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/09/24 17:15:29 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Macromedia
[2010/09/24 17:15:29 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Adobe
[2010/09/24 17:15:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/09/24 17:10:25 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/09/24 17:10:25 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/09/24 17:10:25 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/09/24 17:07:17 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/09/24 17:06:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010/09/24 17:04:51 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/09/24 17:04:50 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/09/24 17:04:50 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/09/24 17:04:50 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/09/24 17:04:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/09/24 17:04:50 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/09/24 17:04:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/09/24 17:04:50 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/09/24 17:04:48 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/09/24 17:04:47 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/09/24 17:04:47 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/09/24 17:04:47 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/09/24 17:04:44 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/09/24 17:04:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/09/24 17:04:40 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/09/24 17:04:40 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/09/24 17:04:37 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010/09/24 17:04:37 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/09/24 17:04:37 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/09/24 17:04:37 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/09/24 17:04:37 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/09/24 17:04:34 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/09/24 17:04:34 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010/09/24 17:04:30 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/09/24 17:04:29 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/09/24 17:04:29 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/09/24 17:04:29 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/09/24 17:04:29 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/09/24 17:04:29 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/09/24 17:04:29 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/09/24 17:04:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/09/24 17:04:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/09/24 17:04:27 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/09/24 17:04:27 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/09/24 17:04:24 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/09/24 17:04:24 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/09/24 17:04:24 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/09/24 17:04:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/09/24 17:04:23 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010/09/24 17:04:23 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/09/24 17:04:22 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/09/24 17:04:21 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/09/24 17:01:49 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/09/24 17:01:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/09/24 17:01:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/09/24 16:49:43 | 000,000,000 | R--D | C] -- C:\Users\dani\Searches
[2010/09/24 16:49:43 | 000,000,000 | -H-D | C] -- C:\Users\dani\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/09/24 16:49:30 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Identities
[2010/09/24 16:49:29 | 000,000,000 | R--D | C] -- C:\Users\dani\Contacts
[2010/09/24 16:49:20 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\VirtualStore
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Voisinage réseau
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Voisinage d'impression
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\AppData\Local\Temporary Internet Files
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\SendTo
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Recent
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Modèles
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Menu Démarrer
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Local Settings
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\AppData\Local\Historique
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Cookies
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\Application Data
[2010/09/24 16:49:18 | 000,000,000 | -HSD | C] -- C:\Users\dani\AppData\Local\Application Data
[2010/09/24 16:49:17 | 000,000,000 | -HSD | C] -- C:\Users\dani\Documents\Mes vidéos
[2010/09/24 16:49:17 | 000,000,000 | -HSD | C] -- C:\Users\dani\Documents\Mes images
[2010/09/24 16:49:17 | 000,000,000 | -HS
OTL logfile created on: 29/09/2010 11:50:14 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\dani\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,47 Gb Total Space | 32,33 Gb Free Space | 54,36% Space Free | Partition Type: NTFS
Drive D: | 89,48 Gb Total Space | 47,91 Gb Free Space | 53,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DANI-PC
Current User Name: dani
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/09/29 11:50:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\dani\Downloads\OTL.exe
PRC - [2010/09/21 07:40:50 | 000,977,976 | ---- | M] (Google Inc.) -- C:\Users\dani\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/09/03 11:51:42 | 002,840,432 | ---- | M] (Agnitum Ltd.) -- C:\Program Files\Agnitum\Outpost Security Suite Pro\op_mon.exe
PRC - [2010/09/03 11:51:36 | 002,035,520 | ---- | M] (Agnitum Ltd.) -- C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
PRC - [2010/07/29 21:39:20 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2010/07/29 21:39:20 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (SafeList) ==========
MOD - [2010/09/29 11:50:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\dani\Downloads\OTL.exe
MOD - [2010/08/27 11:40:50 | 000,701,456 | ---- | M] (Agnitum Ltd.) -- c:\progra~1\agnitum\outpos~1\wl_hook.dll
MOD - [2009/07/14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/09/24 17:47:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/09/03 11:51:36 | 002,035,520 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe -- (acssrv)
SRV - [2010/07/29 21:39:20 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/07/14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/07/14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d'installation ActiveX (AxInstSV)
SRV - [2009/07/14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2010/09/24 17:44:45 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/08/13 11:48:44 | 000,713,672 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SandBox.sys -- (SandBox)
DRV - [2010/08/13 11:48:06 | 000,036,168 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Filt\VBFilt.dll -- (VBFilt)
DRV - [2010/08/13 11:48:02 | 000,072,232 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Filt\ASWFilt.dll -- (ASWFilt)
DRV - [2010/08/11 18:19:48 | 000,328,296 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afwcore.sys -- (afwcore)
DRV - [2010/07/10 00:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/06/09 09:44:20 | 000,241,088 | ---- | M] (VirusBuster Kft.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBEngNT.sys -- (VBEngNT)
DRV - [2010/04/20 16:01:46 | 000,034,920 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\afw.sys -- (afw)
DRV - [2009/12/11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2008/01/19 05:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/11/18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/05/16 18:05:28 | 000,507,648 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SPC220NC.SYS -- (SPC220NC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 C8 7A 7A FA 5B CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPage = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010/09/26 17:37:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins
[2010/09/26 17:37:50 | 000,000,000 | ---D | M] -- C:\Users\dani\AppData\Roaming\mozilla\Extensions
[2010/09/26 17:51:18 | 000,000,000 | ---D | M] -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\s72eu6d1.default\extensions
[2010/09/26 17:51:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\s72eu6d1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
O1 HOSTS File: ([2010/09/25 09:11:04 | 000,000,627 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 sa.windows.com
O1 - Hosts: 127.0.0.1 se.windows.com
O1 - Hosts: 127.0.0.1 ie.search.msn.com
O1 - Hosts: 127.0.0.1 wustat.windows.com
O1 - Hosts: 127.0.0.1 wutrack.windows.com
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Programmes\Agnitum\Outpost Security Suite Pro\op_mon.exe File not found
O4 - HKCU..\Run: [{56211EC0-E2CF-CDEC-6469-6A8A0A9B5767}] C:\Users\dani\AppData\Roaming\langg\svhost.exe (system)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\progra~1\agnitum\outpos~1\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/09/29 11:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/09/29 11:25:29 | 000,000,000 | ---D | C] -- C:\rsit
[2010/09/28 18:46:45 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/09/28 16:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/09/28 16:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/09/28 15:40:02 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/09/28 15:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\PowerStrip
[2010/09/28 15:08:33 | 000,000,000 | ---D | C] -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2010/09/28 13:24:45 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Malwarebytes
[2010/09/28 13:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/28 13:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/28 09:49:23 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\Nero
[2010/09/28 09:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/09/27 22:39:05 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\NeroVision
[2010/09/27 22:27:42 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Nero_AG
[2010/09/27 22:27:01 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Nero
[2010/09/27 22:23:20 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Nero
[2010/09/27 22:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/09/27 22:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/09/27 22:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/09/27 08:15:17 | 000,000,000 | ---D | C] -- C:\Users\dani\Documents\appartement a vendre
[2010/09/26 17:37:37 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Roaming\Mozilla
[2010/09/26 17:37:37 | 000,000,000 | ---D | C] -- C:\Users\dani\AppData\Local\Mozilla
[2010/09/26 17:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 4.0 Beta 6
[2010/09/25 17:06:15 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010/09/25 17:06:15 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010/09/25 17:06:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010/09/25 17:06:14 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010/09/25 17:06:14 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010/09/25 17:06:14 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010/09/25 17:06:14 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010/09/25 17:06:13 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010/09/25 17:06:13 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010/09/25 17:06:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010/09/25 17:06:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010/09/25 17:06:13 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010/09/25 17:06:12 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/09/25 17:06:12 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/09/25 17:06:11 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/09/25 17:06:11 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/09/25 17:06:11 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/09/25 17:06:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/09/25 17:06:10 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/09/25 17:06:10 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/09/25 17:06:10 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/09/25 17:06:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/09/25 17:06:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/09/25 17:06:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/09/25 17:06:09 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/09/25 17:06:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
ok
please stop throwing in tools that weren't asked for..
1)
* Run UsbFix again
* In the main menu, this time choose the deletion option ("Suppression")
The Start menu and the icons will disappear again.. this is normal.
If a message asks you to restart the computer, do so ...
* On restart, the fix launches again... let the operation run.
* Notepad opens with a report; post it in your next reply
UsbFix may ask you to upload a compressed folder to this address: https://www.ionos.fr/?affiliate_id=77097
It is saved on your desktop.
Please send it to the address given, to help the author of UsbFix with his research.
Thanks
...................
2)
Download Malwarebytes' Anti-Malware (which you can keep afterwards)
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
. Save it to the desktop
. Double-click the downloaded file to start the installation.
. In the "Update" tab, click the Check for Updates button
. If the firewall asks for permission for Malwarebytes to connect, accept
. Once the update has finished
. Go to the Scan tab
. Select Perform full scan (a fairly long scan)
. Click Scan
. The scan starts.
. At the end of the scan, a message is displayed: The scan completed normally. Click 'Show Results' to display all objects found.
. Click OK to continue.
. If malware was detected, click Show Results
. Select everything (or leave it all checked) and click Remove Selected. Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
. Malwarebytes will open Notepad and copy the scan report into it.
. Go to the Logs tab
. Click on it to display it; once it is displayed
. Click Edit at the top of Notepad, then Select All
. Click Edit again, then Copy, then come back to the forum and, in your reply,
. right-click in the reply box and choose Paste
If you need help, see these tutorials:
Help: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam