Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

[résolu] Panneau de configuration instable + Disque dure

 

18 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

[résolu] Panneau de configuration instable + Disque dure

Prévenir les modérateurs en cas d'abus 
Nikoleo
nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 14/03/2010 à 20:44:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 J'appel à l'aide car depuis quelques jours, dans le panneau de configuration, je ne peu pas ouvrir la plupart des éléments, comme le gestionnaire de parfeux etc...

 De plus, un disque dure est apparut dans le poste de travail, avec la lettre (Q), il n'est pas accessible est fait 0 octets.

 Le PC acer aspire 5920G est sous windows 7, installer par dessus Vista.
 L'antivirus Antivir ne trouve rien, ni HiJackThis.

 Merci de votre aide

  1. Posté le 15/03/2010 à 06:52:57  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut, faire ceci:

 Télécharger RootRepeal

 http://rootrepeal.googlepages.com/RootRepeal.zip

 Créer un répertoire avec le nom RootReapeal: C:\RootRepeal

 Cliquer RootRepeal.exe (Pour les utilisateur de Vista vous devez cliquer droit et selectionner "Exécuter en tant qu'administrateur" ).

 Cliquer sur l'onglet Report et Scan. Dans la nouvelle fenêtre Select Scan, cocher:
 Drivers, Files, Processes, SSDT, Stealth Objects, Hidden Services et cliquer sur "Ok".

 Vérifier qu'il scan bien la partition de votre Windows et cliquer "OK". Une fois terminée vous cliquez sur "Save Report" et le sauvegarder dans un endroit facile d'accès.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

 Copier/coller moi aussi un Hijackthis 2.0.3:

 http://go.trendmicro.com/free- [...] ckThis.msi

(Publicité)
nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 18/03/2010 à 15:44:00  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 J'ai un message d'erreur avec RootRepeal, il est impossible de lancer le scan :

 DeviceIoControl Error! Error Code = 0x0

 Rapport HiJackThis :

 Logfile of Trend Micro HijackThis v2.0.3 (BETA)
 Scan saved at 15:43:20, on 18/03/2010
 Platform: Unknown Windows (WinNT 6.01.3504)
 MSIE: Internet Explorer v8.00 (8.00.7600.16385)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Synaptics\SynTP\SynTPSta​rt.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Program Files\Launch Manager\QtZgAcer.EXE
 C:\Program Files\RocketDock\RocketDock.ex​e
 C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
 C:\Program Files\Safari\Safari.exe
 C:\Windows\explorer.exe
 C:\Program Files\Trend Micro\HiJackThis\HiJackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B​94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1​D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA​8380DBA} - C:\Program Files\FlashGet\getflash.dll
 O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPSta​rt.exe
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [Skytel] Skytel.exe
 O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSe​tting
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
 O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\Windows\system32\spool\DRIV​ERS\W32X86\3\LXBUtime.dll,_Run​DLLEntry@16
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.​EXE
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.ex​e"
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.e​xe (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.e​xe (User 'SERVICE RÉSEAU')
 O4 - Startup: Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
 O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
 O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~4\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~4\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~4\Office12\​REFIEBAR.DLL
 O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050B​A6940E3} - C:\Program Files\FlashGet\FlashGet.exe
 O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050B​A6940E3} - C:\Program Files\FlashGet\FlashGet.exe
 O13 - Gopher Prefix:
 O15 - Trusted Zone: *.line6.net
 O16 - DPF: {04CB5B64-5915-4629-B869-8945C​EBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/ [...] rtdgi1.cab
 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C​29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr [...] nicode.cab
 O16 - DPF: {1E54D648-B804-468d-BC78-4AFFE​D8E262F} (System Requirements Lab) - http://www.nvidia.com/content/ [...] ab_nvd.cab
 O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F​48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdl [...] .7.109.cab
 O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2​BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dl [...] .2.4.8.cab
 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F2​1721616} (DivXBrowserPlugin Object) - http://download.divx.com/playe [...] Plugin.cab
 O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D​8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/ [...] DP-1.1.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB62​48B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemSe​rvices.dll
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKY​PE4~1.DLL
 O23 - Service: @%SystemRoot%\system32\aelupsv​c.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
 O23 - Service: @%SystemRoot%\system32\Alg.exe​,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: @%systemroot%\system32\appidsv​c.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\appinfo​.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\AxInstS​V.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\bdesvc.​dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\bfe.dll​,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qmgr.dl​l,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: @%systemroot%\system32\browser​.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\bthserv​.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\cryptsv​c.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\defrags​vc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dhcpcor​e.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\dnsapi.​dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dot3svc​.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dps.dll​,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\eapsvc.​dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\ehome\ehrecvr.ex​e,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
 O23 - Service: @%SystemRoot%\ehome\ehsched.ex​e,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: @%SystemRoot%\system32\wevtsvc​.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e
 O23 - Service: @%systemroot%\system32\fdPHost​.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdrespu​b.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\FntCach​e.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Service Google Update (gupdate1ca0556c29c4cf0) (gupdate1ca0556c29c4cf0) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: @%SystemRoot%\System32\hidserv​.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\kmsvc.d​ll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\ListSvc​.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\provsvc​.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe
 O23 - Service: @%SystemRoot%\system32\ikeext.​dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\IPBusEn​um.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\iphlpsv​c.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\srvsvc.​dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wkssvc.​dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: @%SystemRoot%\system32\lltdres​.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lmhsvc.​dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: @%SystemRoot%\system32\Firewal​lAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
 O23 - Service: @%SystemRoot%\system32\iscsids​c.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\msimsg.​dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.ex​e
 O23 - Service: @%SystemRoot%\system32\qagentr​t.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netman.​dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netprof​m.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\nlasvc.​dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\nsisvc.​dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: @%SystemRoot%\system32\pnrpsvc​.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pcasvc.​dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\pla.dll​,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpnpmg​r.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pnrpaut​o.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pnrpsvc​.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\polstor​e.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpo.dl​l,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\profsvc​.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qwave.d​ll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasauto​.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasmans​.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe
 O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%windir%\system32\RpcEpMap.dl​l,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\Locator​.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.ex​e
 O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Raw Socket Service (RS_Service) - Acer Inc. - C:\Program Files\Acer\Acer VCM\RS_Service.exe
 O23 - Service: @%SystemRoot%\System32\SCardSv​r.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\schedsv​c.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sdrsvc.​dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\seclogo​n.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Sens.dl​l,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\sensrsv​c.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\SessEnv​.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\ipnathl​p.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\snmp.ex​e,-3 (SNMP) - Unknown owner - C:\Windows\System32\snmp.exe
 O23 - Service: @%SystemRoot%\system32\snmptra​p.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.e​xe
 O23 - Service: @%systemroot%\system32\spoolsv​.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.ex​e
 O23 - Service: @%SystemRoot%\system32\sppsvc.​exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
 O23 - Service: @%SystemRoot%\system32\sppuino​tify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\ssdpsrv​.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sstpsvc​.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.​exe
 O23 - Service: @%SystemRoot%\system32\wiaserv​c.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\swprv.d​ll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sysmain​.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\TabSvc.​dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tapisrv​.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tbssvc.​dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\termsrv​.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\themese​rvice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\trkwks.​dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\servicing\Truste​dInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedIn​staller.exe
 O23 - Service: @%SystemRoot%\system32\ui0dete​ct.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.​exe
 O23 - Service: @%systemroot%\system32\upnphos​t.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dwm.exe​,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\vds.exe​,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
 O23 - Service: @%systemroot%\system32\vssvc.e​xe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
 O23 - Service: @%SystemRoot%\system32\w32time​.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wbengin​e.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.e​xe
 O23 - Service: @%systemroot%\system32\wbiosrv​c.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wcncsvc​.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\WcsPlug​InService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\webclnt​.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wecsvc.​dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wercpls​upport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wersvc.​dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\winhttp​.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​isvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wsmsvc.​dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wlansvc​.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​iapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiAp​Srv.exe
 O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
 O23 - Service: @%SystemRoot%\system32\wpcsvc.​dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wpdbuse​num.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wscsvc.​dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\SearchI​ndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchInde​xer.exe
 O23 - Service: @%systemroot%\system32\wuaueng​.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wudfsvc​.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wwansvc​.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 23480 bytes

  1. Posté le 18/03/2010 à 17:50:42  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Télécharger OTS ici: http://oldtimer.geekstogo.com/OTS.exe

 Exécuter le logiciel et cocher la case All Users.

 Dans Additional Scans cocher les 4 suivants:
 •Reg - Shell Spawning
 •File - Lop Check
 •File - Purity Scan
 •Evnt - EvtViewer (last 10)

 Dans custom scans, copier/coller ceci:

 netsvcs
 %SYSTEMDRIVE%\*.exe
 %SYSTEMDRIVE%\eventlog.dll /s
 %SYSTEMDRIVE%\scecli.dll /s
 %SYSTEMDRIVE%\netlogon.dll /s
 %SYSTEMDRIVE%\cngaudit.dll /s
 %SYSTEMDRIVE%\sceclt.dll /s
 %SYSTEMDRIVE%\ntelogon.dll /s
 %SYSTEMDRIVE%\logevent.dll /s
 %SYSTEMDRIVE%\iaStor.sys /s
 %SYSTEMDRIVE%\nvstor.sys /s
 %SYSTEMDRIVE%\atapi.sys /s
 %SYSTEMDRIVE%\IdeChnDr.sys /s
 %SYSTEMDRIVE%\viasraid.sys /s
 %SYSTEMDRIVE%\AGP440.sys /s
 %SYSTEMDRIVE%\vaxscsi.sys /s  

 Maintenant cliquer sur le bouton "Run Scan" dans la toolbar.

 Une fois terminée le bloc note va s'ouvrir et cliquer Format et cocher Retour automatique à la ligne.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 18/03/2010 à 19:15:58  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
 
 OTS logfile created on: 18/03/2010 19:01:58 - Run 1
 OTS by OldTimer - Version 3.1.27.1     Folder = D:\Nicolas\Downloads
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
 Internet Explorer (Version = 8.0.7600.16385)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
 6,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 111,69 Gb Total Space | 32,61 Gb Free Space | 29,19% Space Free | Partition Type: NTFS
 Drive D: | 108,19 Gb Total Space | 59,60 Gb Free Space | 55,09% Space Free | Partition Type: NTFS
 E: Drive not present or media not loaded
 F: Drive not present or media not loaded
 G: Drive not present or media not loaded
 H: Drive not present or media not loaded
 I: Drive not present or media not loaded
 
 Computer Name: PC-DE-NICOLAS
 Current User Name: Nicolas
 Logged in as Administrator.
 
 Current Boot Mode: Normal
 Scan Mode: All users
 Company Name Whitelist: Off
 Skip Microsoft Files: Off
 File Age = 30 Days
 
 [Processes - Safe List]
 ots.exe -> D:\Nicolas\Downloads\OTS.exe -> [2010/03/18 18:59:53 | 000,637,440 | ---- | M] (OldTimer Tools)
 safari.exe -> C:\Program Files\Safari\Safari.exe -> [2009/11/05 21:14:44 | 001,794,848 | ---- | M] (Apple Inc.)
 explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
 itouch-server-win.exe -> C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe -> [2009/10/23 22:59:56 | 000,228,352 | ---- | M] (Logitech, Inc.)
 cvhsvc.exe -> C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -> [2009/09/26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation)
 sftvsa.exe -> C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -> [2009/09/23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation)
 sftlist.exe -> C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -> [2009/09/23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation)
 avguard.exe -> C:\Program Files\Avira\AntiVir Desktop\avguard.exe -> [2009/08/22 23:18:16 | 000,185,089 | ---- | M] (Avira GmbH)
 sched.exe -> C:\Program Files\Avira\AntiVir Desktop\sched.exe -> [2009/07/15 13:13:36 | 000,108,289 | ---- | M] (Avira GmbH)
 snmp.exe -> C:\Windows\System32\snmp.exe -> [2009/07/14 02:14:39 | 000,047,616 | ---- | M] (Microsoft Corporation)
 conhost.exe -> C:\Windows\System32\conhost.ex​e -> [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation)
 wlidsvc.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009/03/30 15:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation)
 wlidsvcm.exe -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe -> [2009/03/30 15:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation)
 avgnt.exe -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe -> [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH)
 evteng.exe -> C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e -> [2009/02/27 06:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation)
 regsrvc.exe -> C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe -> [2009/02/27 05:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation)
 rthdvcpl.exe -> C:\Windows\RtHDVCpl.exe -> [2007/12/14 09:56:00 | 004,702,208 | ---- | M] (Realtek Semiconductor)
 qtzgacer.exe -> C:\Program Files\Launch Manager\QtZgAcer.EXE -> [2007/12/14 09:56:00 | 000,707,080 | ---- | M] (Dritek System Inc.)
 iaantmon.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> [2007/12/14 09:55:00 | 000,354,840 | ---- | M] (Intel Corporation)
 iaanotif.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2007/12/14 09:55:00 | 000,174,616 | ---- | M] (Intel Corporation)
 syntpstart.exe -> C:\Program Files\Synaptics\SynTP\SynTPSta​rt.exe -> [2007/12/14 09:55:00 | 000,102,400 | ---- | M] (Synaptics, Inc.)
 rs_service.exe -> C:\Program Files\Acer\Acer VCM\RS_Service.exe -> [2007/09/28 19:18:24 | 000,233,472 | ---- | M] (Acer Inc.)
 erecoveryservice.exe -> C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe -> [2007/09/10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.)
 rocketdock.exe -> C:\Program Files\RocketDock\RocketDock.ex​e -> [2007/09/02 12:58:52 | 000,495,616 | ---- | M] ()
 starwindserviceae.exe -> C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.​exe -> [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software)
 alaunchsvc.exe -> C:\Acer\ALaunch\ALaunchSvc.exe -> [2007/01/26 14:24:42 | 000,050,688 | ---- | M] ()
 mobilityservice.exe -> C:\Acer\Mobility Center\MobilityService.exe -> [2006/11/24 12:57:54 | 000,107,008 | ---- | M] ()
 
 [Modules - Safe List]
 ots.exe -> D:\Nicolas\Downloads\OTS.exe -> [2010/03/18 18:59:53 | 000,637,440 | ---- | M] (OldTimer Tools)
 sspicli.dll -> C:\Windows\System32\sspicli.dl​l -> [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation)
 sechost.dll -> C:\Windows\System32\sechost.dl​l -> [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation)
 samcli.dll -> C:\Windows\System32\samcli.dll -> [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation)
 profapi.dll -> C:\Windows\System32\profapi.dl​l -> [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation)
 netutils.dll -> C:\Windows\System32\netutils.d​ll -> [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation)
 kernelbase.dll -> C:\Windows\System32\KernelBase​.dll -> [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation)
 dwmapi.dll -> C:\Windows\System32\dwmapi.dll -> [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation)
 devobj.dll -> C:\Windows\System32\devobj.dll -> [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation)
 cryptbase.dll -> C:\Windows\System32\cryptbase.​dll -> [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation)
 cfgmgr32.dll -> C:\Windows\System32\cfgmgr32.d​ll -> [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation)
 comctl32.dll -> C:\Windows\winsxs\x86_microsof​t.windows.common-controls_6595​b64144ccf1df_6.0.7600.16385_no​ne_421189da2b7fabfc\comctl32.d​ll -> [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation)
 
 [Win32 Services - Safe List]
 (cvhsvc) Client Virtualization Handler [Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -> [2009/09/26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation)
 (osppsvc) Office Software Protection Platform [On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectio​nPlatform\OSPPSVC.EXE -> [2009/09/26 04:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation)
 (sftvsa) Application Virtualization Service Agent [On_Demand | Running] -> C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -> [2009/09/23 15:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation)
 (sftlist) Application Virtualization Client [Auto | Running] -> C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -> [2009/09/23 15:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation)
 (AntiVirService) Avira AntiVir Guard [Auto | Running] -> C:\Program Files\Avira\AntiVir Desktop\avguard.exe -> [2009/08/22 23:18:16 | 000,185,089 | ---- | M] (Avira GmbH)
 (fsssvc) Service Windows Live Contrôle parental [On_Demand | Stopped] -> C:\Program Files\Windows Live\Family Safety\fsssvc.exe -> [2009/08/05 21:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation)
 (AntiVirSchedulerService) Avira AntiVir Planificateur [Auto | Running] -> C:\Program Files\Avira\AntiVir Desktop\sched.exe -> [2009/07/15 13:13:36 | 000,108,289 | ---- | M] (Avira GmbH)
 (WwanSvc) Service de configuration automatique WWAN [On_Demand | Stopped] -> C:\Windows\System32\wwansvc.dl​l -> [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation)
 (WbioSrvc) Service de biométrie Windows [On_Demand | Stopped] -> C:\Windows\System32\wbiosrvc.d​ll -> [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation)
 (Power) Alimentation [Auto | Running] -> C:\Windows\System32\umpo.dll -> [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation)
 (Themes) Thèmes [Auto | Running] -> C:\Windows\System32\themeservi​ce.dll -> [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation)
 (sppuinotify) Service de notification SPP [On_Demand | Stopped] -> C:\Windows\System32\sppuinotif​y.dll -> [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation)
 (RpcEptMapper) Mappeur de point de terminaison RPC [Unknown | Running] -> C:\Windows\System32\RpcEpMap.d​ll -> [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation)
 (SensrSvc) Brillance adaptative [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.d​ll -> [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation)
 (PNRPsvc) Protocole PNRP [On_Demand | Stopped] -> C:\Windows\System32\pnrpsvc.dl​l -> [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation)
 (p2pimsvc) Gestionnaire d’identité réseau homologue [On_Demand | Stopped] -> C:\Windows\System32\pnrpsvc.dl​l -> [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation)
 (HomeGroupProvider) Fournisseur HomeGroup [On_Demand | Running] -> C:\Windows\System32\provsvc.dl​l -> [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation)
 (PNRPAutoReg) Service de publication des noms d’ordinateurs PNRP [On_Demand | Stopped] -> C:\Windows\System32\pnrpauto.d​ll -> [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation)
 (WinDefend) Windows Defender [On_Demand | Stopped] -> C:\Program Files\Windows Defender\mpsvc.dll -> [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation)
 (HomeGroupListener) Écouteur HomeGroup [On_Demand | Stopped] -> C:\Windows\System32\ListSvc.dl​l -> [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation)
 (FontCache) Service de cache de police Windows [On_Demand | Stopped] -> C:\Windows\System32\FntCache.d​ll -> [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation)
 (Dhcp) Client DHCP [Auto | Running] -> C:\Windows\System32\dhcpcore.d​ll -> [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation)
 (defragsvc) Défragmenteur de disque [On_Demand | Stopped] -> C:\Windows\System32\defragsvc.​dll -> [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation)
 (BDESVC) Service de chiffrement de lecteur BitLocker [Unknown | Stopped] -> C:\Windows\System32\bdesvc.dll -> [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation)
 (AxInstSV) Programme d’installation ActiveX (AxInstSV) [On_Demand | Stopped] -> C:\Windows\System32\AxInstSv.d​ll -> [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation)
 (AppIDSvc) Identité de l’application [On_Demand | Stopped] -> C:\Windows\System32\appidsvc.d​ll -> [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation)
 (SNMP) Service SNMP [Auto | Running] -> C:\Windows\System32\snmp.exe -> [2009/07/14 02:14:39 | 000,047,616 | ---- | M] (Microsoft Corporation)
 (sppsvc) Protection logicielle [Auto | Stopped] -> C:\Windows\System32\sppsvc.exe -> [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation)
 (wlidsvc) Windows Live ID Sign-in Assistant [Auto | Running] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -> [2009/03/30 15:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation)
 (EvtEng) Intel(R) PROSet/Wireless Event Log [Auto | Running] -> C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e -> [2009/02/27 06:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation)
 (RegSrvc) Intel(R) PROSet/Wireless Registry Service [Auto | Running] -> C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe -> [2009/02/27 05:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation)
 (IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -> [2007/12/14 09:55:00 | 000,354,840 | ---- | M] (Intel Corporation)
 (RS_Service) Raw Socket Service [Auto | Running] -> C:\Program Files\Acer\Acer VCM\RS_Service.exe -> [2007/09/28 19:18:24 | 000,233,472 | ---- | M] (Acer Inc.)
 (eRecoveryService) eRecovery Service [Auto | Running] -> C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe -> [2007/09/10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.)
 (StarWindServiceAE) StarWind AE Service [Auto | Running] -> C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.​exe -> [2007/05/28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software)
 (ALaunchService) ALaunch Service [Auto | Running] -> C:\Acer\ALaunch\ALaunchSvc.exe -> [2007/01/26 14:24:42 | 000,050,688 | ---- | M] ()
 (MobilityService) MobilityService [Auto | Running] -> C:\Acer\Mobility Center\MobilityService.exe -> [2006/11/24 12:57:54 | 000,107,008 | ---- | M] ()
 
 [Driver Services - Safe List]
 (avgntflt) avgntflt [File_System | Auto | Running] -> C:\Windows\System32\drivers\av​gntflt.sys -> [2009/12/10 22:46:18 | 000,056,816 | ---- | M] (Avira GmbH)
 (sptd) sptd [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\sp​td.sys -> [2009/11/07 12:24:20 | 000,721,904 | ---- | M] ()
 (Sftredir) Sftredir [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\Sf​tredirlh.sys -> [2009/09/23 15:04:56 | 000,021,848 | ---- | M] (Microsoft Corporation)
 (sftvol) sftvol [Kernel | On_Demand | Running] -> C:\Program Files\Microsoft Application Virtualization Client\drivers\sftvollh.sys -> [2009/09/23 15:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation)
 (sftplay) sftplay [Kernel | On_Demand | Running] -> C:\Program Files\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -> [2009/09/23 15:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation)
 (sftfs) sftfs [Kernel | On_Demand | Running] -> C:\Program Files\Microsoft Application Virtualization Client\drivers\sftfslh.sys -> [2009/09/23 15:04:50 | 000,543,064 | ---- | M] (Microsoft Corporation)
 (nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nv​lddmkm.sys -> [2009/08/06 17:16:00 | 009,824,000 | ---- | M] (NVIDIA Corporation)
 (fssfltr) fssfltr [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\fs​sfltr.sys -> [2009/08/05 21:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation)
 (ssmdrv) ssmdrv [Kernel | System | Running] -> C:\Windows\System32\drivers\ss​mdrv.sys -> [2009/07/15 13:13:36 | 000,028,520 | ---- | M] (Avira GmbH)
 (cmdide) cmdide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\cm​dide.sys -> [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.)
 (adpahci) adpahci [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ad​pahci.sys -> [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.)
 (adp94xx) adp94xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ad​p94xx.sys -> [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.)
 (amdsbs) amdsbs [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\am​dsbs.sys -> [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.)
 (adpu320) adpu320 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ad​pu320.sys -> [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.)
 (arcsas) arcsas [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ar​csas.sys -> [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.)
 (amdsata) amdsata [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\am​dsata.sys -> [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices)
 (arc) arc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ar​c.sys -> [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.)
 (amdxata) amdxata [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\am​dxata.sys -> [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices)
 (aliide) aliide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\al​iide.sys -> [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.)
 (nvstor) nvstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nv​stor.sys -> [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation)
 (nvraid) nvraid [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nv​raid.sys -> [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation)
 (nfrd960) nfrd960 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\nf​rd960.sys -> [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation)
 (LSI_SAS) LSI_SAS [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ls​i_sas.sys -> [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation)
 (iaStorV) iaStorV [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ia​StorV.sys -> [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation)
 (MegaSR) MegaSR [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\Me​gaSR.sys -> [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.)
 (KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\ks​ecpkg.sys -> [2009/07/14 02:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation)
 (LSI_SCSI) LSI_SCSI [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ls​i_scsi.sys -> [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation)
 (LSI_FC) LSI_FC [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ls​i_fc.sys -> [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation)
 (LSI_SAS2) LSI_SAS2 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ls​i_sas2.sys -> [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation)
 (iirsp) iirsp [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ii​rsp.sys -> [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH)
 (megasas) megasas [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\me​gasas.sys -> [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation)
 (hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\hw​policy.sys -> [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation)
 (elxstor) elxstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\el​xstor.sys -> [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex)
 (aic78xx) aic78xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\dj​svs.sys -> [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.)
 (HpSAMD) HpSAMD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\Hp​SAMD.sys -> [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company)
 (FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\fs​depends.sys -> [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation)
 (vsmraid) vsmraid [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vs​mraid.sys -> [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd)
 (vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vh​dmp.sys -> [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation)
 (vdrvroot) Pilote d’énumérateur de lecteur virtuel Microsoft [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\vd​rvroot.sys -> [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation)
 (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\wi​mmount.sys -> [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation)
 (viaide) viaide [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vi​aide.sys -> [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.)
 (ql2300) ql2300 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ql​2300.sys -> [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation)
 (rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\System32\drivers\rd​yboost.sys -> [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation)
 (ql40xx) ql40xx [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ql​40xx.sys -> [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation)
 (SiSRaid4) SiSRaid4 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\si​sraid4.sys -> [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems)
 (pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\pc​w.sys -> [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation)
 (SiSRaid2) SiSRaid2 [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\Si​SRaid2.sys -> [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.)
 (stexstor) stexstor [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\st​exstor.sys -> [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology)
 (CNG) CNG [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\cn​g.sys -> [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation)
 (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\Br​serid.sys -> [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.)
 (rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\rd​pbus.sys -> [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation)
 (RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\System32\drivers\RD​PREFMP.sys -> [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation)
 (RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ag​ilevpn.sys -> [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation)
 (WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\System32\drivers\wf​plwf.sys -> [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation)
 (NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\nd​iscap.sys -> [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation)
 (vwifibus) Pilote de bus WiFi virtuel [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\vw​ifibus.sys -> [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation)
 (1394ohci) Contrôleur d’hôte compatible OHCI 1394 [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\13​94ohci.sys -> [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation)
 (UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\um​pass.sys -> [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation)
 (WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\wi​nusb.sys -> [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation)
 (mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ms​hidkmdf.sys -> [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation)
 (MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\MT​Config.sys -> [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation)
 (CompositeBus) Pilote de l’énumérateur de bus composite [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Co​mpositeBus.sys -> [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation)
 (AppID) Pilote AppID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\ap​pid.sys -> [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation)
 (scfilter) Pilote de filtre de classe PnP de carte à puce [Kernel | Unknown | Stopped] -> C:\Windows\System32\drivers\sc​filter.sys -> [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation)
 (discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\System32\drivers\di​scache.sys -> [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation)
 (HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\Hi​dBatt.sys -> [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation)
 (AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ac​pipmi.sys -> [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation)
 (AmdPPM) AMD Processor Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\am​dppm.sys -> [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation)
 (hcw85cir) Hauppauge Consumer Infrared Receiver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\hc​w85cir.sys -> [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.)
 (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\Br​UsbMdm.sys -> [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
 (BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\Br​UsbSer.sys -> [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
 (BrSerWdm) Brother WDM Serial driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\Drivers\Br​SerWdm.sys -> [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
 (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\Br​FiltLo.sys -> [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
 (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\Br​FiltUp.sys -> [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
 (netw5v32) Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ne​tw5v32.sys -> [2009/07/13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation)
 (b57nd60x) Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\b5​7nd60x.sys -> [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation)
 (ebdrv) Broadcom NetXtreme II 10 GigE VBD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\ev​bdx.sys -> [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation)
 (b06bdrv) Broadcom NetXtreme II VBD [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\bx​vbdx.sys -> [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation)
 (VClone) VClone [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\VC​lone.sys -> [2009/05/23 00:08:32 | 000,029,696 | ---- | M] (Elaborate Bytes AG)
 (avipbb) avipbb [Kernel | System | Running] -> C:\Windows\System32\drivers\av​ipbb.sys -> [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH)
 (ElbyCDIO) ElbyCDIO Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\El​byCDIO.sys -> [2009/02/17 18:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG)
 (avgio) avgio [Kernel | System | Running] -> C:\Program Files\Avira\AntiVir Desktop\avgio.sys -> [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH)
 (NTIDrvr) Upper Class Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\NT​IDrvr.sys -> [2007/12/21 06:07:59 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.)
 (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\RT​KVHDA.sys -> [2007/12/14 09:56:00 | 001,950,552 | ---- | M] (Realtek Semiconductor Corp.)
 (HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HS​X_DPV.sys -> [2007/12/14 09:56:00 | 000,984,064 | ---- | M] (Conexant Systems, Inc.)
 (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HS​X_CNXT.sys -> [2007/12/14 09:56:00 | 000,660,480 | ---- | M] (Conexant Systems, Inc.)
 (iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\ia​Stor.sys -> [2007/12/14 09:56:00 | 000,277,784 | ---- | M] (Intel Corporation)
 (HSXHWAZL) HSXHWAZL [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HS​XHWAZL.sys -> [2007/12/14 09:56:00 | 000,208,384 | ---- | M] (Conexant Systems, Inc.)
 (winbondcir) Winbond IR Transceiver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\wi​nbondcir.sys -> [2007/12/14 09:56:00 | 000,043,008 | ---- | M] (Winbond Electronics Corporation)
 (DKbFltr) Dritek Keyboard Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\DK​bFltr.sys -> [2007/12/14 09:56:00 | 000,021,264 | ---- | M] (Dritek System Inc.)
 (XAudio) XAudio [Kernel | Auto | Running] -> C:\Windows\System32\drivers\XA​udio.sys -> [2007/12/14 09:56:00 | 000,008,704 | ---- | M] (Conexant Systems, Inc.)
 (SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Sy​nTP.sys -> [2007/12/14 09:55:00 | 000,192,816 | ---- | M] (Synaptics, Inc.)
 (NETw4v32) Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NE​Tw4v32.sys -> [2007/09/26 12:12:22 | 002,251,776 | ---- | M] (Intel Corporation)
 (CrystalSysInfo) CrystalSysInfo [Kernel | On_Demand | Stopped] -> C:\Program Files\MediaCoder iPod Edition\SysInfo.sys -> [2007/09/25 15:59:46 | 000,015,152 | ---- | M] ()
 (rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\ri​mmptsk.sys -> [2007/08/08 20:42:08 | 000,045,568 | ---- | M] (REDC)
 (rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\ri​xdptsk.sys -> [2007/07/30 11:54:02 | 000,038,400 | ---- | M] (REDC)
 (rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\ri​msptsk.sys -> [2007/07/30 10:42:58 | 000,043,008 | ---- | M] (REDC)
 (BDASwCap) AVerMedia A310 BDA DVBT Capture Device [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\AV​erA310Cap.sys -> [2007/07/10 03:16:00 | 000,042,240 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
 (A310) AVerMedia A310 DVB-T [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\AV​erA310USB.sys -> [2007/07/10 03:16:00 | 000,026,368 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
 (int15) int15 [Kernel | Auto | Running] -> C:\Acer\Empowering Technology\eRecovery\int15.sys -> [2007/07/03 10:05:20 | 000,015,392 | ---- | M] (Acer, Inc.)
 (SNP2UVC) USB2.0 PC Camera (SNP2UVC) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\sn​p2uvc.sys -> [2007/06/12 10:38:26 | 001,729,152 | ---- | M] ()
 (VNUSB) VN Series Device [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VN​USB.sys -> [2006/04/07 17:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.)
 
 [Registry - Safe List]
 < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
 HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://fr.fr.acer.yahoo.com ->
 < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
 < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
 < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
 < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
 < Internet Explorer Settings [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\] > -> ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\: Main\\"SearchMigratedDefaultNa​me" -> Yahoo! Search ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\: Main\\"SearchMigratedDefaultUR​L" -> http://search.yahoo.com/search [...] 8&fr=b1ie7 ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\: Main\\"Start Page" -> http://google.fr/ ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\: Main\\"StartPageCache" -> 1 ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\: "ProxyEnable" -> 0 ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\: "ProxyOverride" -> *.local ->
 < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mo​zilla
 HKLM\software\mozilla\Firefox\​Extensions ->  ->
 < FireFox Extensions [User Folders] > ->
 < HOSTS File > ([2006/09/18 22:41:30 | 000,000,736 | ---- | M] - 20 lines) -> C:\Windows\System32\drivers\et​c\hosts ->
 Reset Hosts
 ::1             localhost
 < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\ ->
 {2F364306-AA45-47B5-9F9D-39A8B​94E7EF7} [HKLM] -> C:\Program Files\FlashGet\jccatch.dll [FGCatchUrl] -> [2007/08/06 10:11:58 | 000,094,308 | ---- | M] (www.flashget.com)
 {72853161-30C5-4D22-B7F9-0BBC1​D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [Groove GFS Browser Helper] -> [2009/02/12 14:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation)
 {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll [Google Toolbar Notifier BHO] -> [2009/07/15 15:14:53 | 000,668,656 | ---- | M] (Google Inc.)
 {F156768E-81EF-470C-9057-481BA​8380DBA} [HKLM] -> C:\Program Files\FlashGet\getflash.dll [FlashGet GetFlash Class] -> [2007/05/18 17:13:10 | 000,163,840 | ---- | M] (www.flashget.com)
 < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\Sof​tware\Microsoft\Internet Explorer\Toolbar\ ->
 ShellBrowser\\"{5CBE3B7C-1E47-​477E-A7DD-396DB0476E29}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
 < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Run ->
 "avgnt" -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH)
 "IAAnotif" -> C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe] -> [2007/12/14 09:55:00 | 000,174,616 | ---- | M] (Intel Corporation)
 "LManager" -> C:\PROGRA~1\LAUNCH~1\QtZgAcer.​EXE [C:\PROGRA~1\LAUNCH~1\QtZgAcer.​EXE] -> [2007/12/14 09:56:00 | 000,707,080 | ---- | M] (Dritek System Inc.)
 "LXBUCATS" -> C:\Windows\System32\spool\DRIV​ERS\W32X86\3\LXBUtime.DLL [rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16] -> [2007/02/22 04:12:02 | 000,073,728 | ---- | M] ()
 "NvCplDaemon" -> C:\Windows\System32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2009/08/06 18:48:22 | 013,797,920 | ---- | M] (NVIDIA Corporation)
 "PLFSet" -> C:\Windows\PLFSet.DLL [rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting] -> [2007/04/25 13:47:34 | 000,045,056 | ---- | M] ( )
 "RtHDVCpl" -> C:\Windows\RtHDVCpl.exe [RtHDVCpl.exe] -> [2007/12/14 09:56:00 | 004,702,208 | ---- | M] (Realtek Semiconductor)
 "Skytel" -> C:\Windows\SkyTel.exe [Skytel.exe] -> [2007/12/14 09:56:00 | 001,826,816 | ---- | M] (Realtek Semiconductor Corp.)
 "SynTPStart" -> C:\Program Files\Synaptics\SynTP\SynTPSta​rt.exe [C:\Program Files\Synaptics\SynTP\SynTPStart.exe] -> [2007/12/14 09:55:00 | 000,102,400 | ---- | M] (Synaptics, Inc.)
 < RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\RunOnce ->
 "mctadmin" -> C:\Windows\System32\mctadmin.e​xe [C:\Windows\System32\mctadmin.e​xe] -> [2009/07/14 02:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation)
 < RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\RunOnce ->
 "mctadmin" -> C:\Windows\System32\mctadmin.e​xe [C:\Windows\System32\mctadmin.e​xe] -> [2009/07/14 02:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation)
 < Run [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\Run ->
 "RocketDock" -> C:\Program Files\RocketDock\RocketDock.ex​e ["C:\Program Files\RocketDock\RocketDock.exe"] -> [2007/09/02 12:58:52 | 000,495,616 | ---- | M] ()
 < Software Policy Settings [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Policies\Microsoft\Inter​net Explorer ->
 < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\Explorer ->
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\Explorer
 \\"NoDriveAutoRun" ->  [67108863] -> File not found
 \\"NoDriveTypeAutoRun" ->  [255] -> File not found
 < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\System ->
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\System
 \\"ConsentPromptBehaviorAdmin" ->  [5] -> File not found
 \\"ConsentPromptBehaviorUser" ->  [3] -> File not found
 \\"HideLegacyLogonScripts" ->  [0] -> File not found
 \\"HideLogoffScripts" ->  [0] -> File not found
 \\"HideStartupScripts" ->  [0] -> File not found
 \\"RunLogonScriptSync" ->  [1] -> File not found
 \\"RunStartupScriptSync" ->  [1] -> File not found
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\System\UIPI\Clipboar​d\ExceptionFormats
 < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\policies\Explorer ->
 < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\policies\System ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\policies\System
 \\"HideLegacyLogonScripts" ->  [0] -> File not found
 \\"HideLogoffScripts" ->  [0] -> File not found
 \\"HideStartupScripts" ->  [0] -> File not found
 \\"RunLogonScriptSync" ->  [1] -> File not found
 \\"RunStartupScriptSync" ->  [1] -> File not found
 < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\Sof​tware\Microsoft\Internet Explorer\MenuExt\ ->
 &Télécharger avec FlashGet -> C:\Program Files\FlashGet\jc_link.htm [C:\Program Files\FlashGet\jc_link.htm] -> [2007/05/18 17:13:10 | 000,001,898 | ---- | M] ()
 &Tout télécharger avec FlashGet -> C:\Program Files\FlashGet\jc_all.htm [C:\Program Files\FlashGet\jc_all.htm] -> [2007/05/18 17:13:10 | 000,001,049 | ---- | M] ()
 E&xporter vers Microsoft Excel -> C:\Programmes\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\Off​ice12\EXCEL.EXE/3000] -> File not found
 < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Extensions\ ->
 {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600}:{5F7B1267-94A9-47F5-9​8DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll [Button: Ajout Direct] -> [2009/07/26 19:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
 {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600}:{5F7B1267-94A9-47F5-9​8DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll [Menu: &Ajout Direct dans Windows Live Writer] -> [2009/07/26 19:17:14 | 000,186,192 | ---- | M] (Microsoft Corporation)
 {2670000A-7350-4f3c-8081-5663E​E0C6C49}:{48E73304-E1D6-4330-9​14C-F5F514E3486C} [HKLM] -> C:\PROGRA~1\MICROS~4\Office12\​ONBttnIE.dll [Button: Envoyer à OneNote] -> [2008/10/25 06:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation)
 {2670000A-7350-4f3c-8081-5663E​E0C6C49}:{48E73304-E1D6-4330-9​14C-F5F514E3486C} [HKLM] -> C:\PROGRA~1\MICROS~4\Office12\​ONBttnIE.dll [Menu: &Envoyer à OneNote] -> [2008/10/25 06:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation)
 {92780B25-18CC-41C8-B9BE-3C9C5​71A8263}:{FF059E31-CC5A-4E2E-B​F3B-96E929D65503} [HKLM] -> C:\PROGRA~1\MICROS~4\Office12\​REFIEBAR.DLL [Button: Research] -> [2009/03/06 03:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)
 {D6E814A0-E0C5-11d4-8D29-0050B​A6940E3}:Exec [HKLM] -> C:\Program Files\FlashGet\FlashGet.exe [Button: FlashGet] -> [2007/09/25 09:10:50 | 002,007,088 | ---- | M] (FlashGet.com)
 {D6E814A0-E0C5-11d4-8D29-0050B​A6940E3}:Exec [HKLM] -> C:\Program Files\FlashGet\FlashGet.exe [Menu: FlashGet] -> [2007/09/25 09:10:50 | 002,007,088 | ---- | M] (FlashGet.com)
 < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Plugins\ ->
 < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\URL\DefaultPrefix
 "" -> http://
 < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Internet Settings\ZoneMap\Domains\ ->
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
 < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Internet Settings\ZoneMap\Ranges\ ->
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
 < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ ->
 HKEY_USERS\.DEFAULT\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
 < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ ->
 HKEY_USERS\.DEFAULT\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
 < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ ->
 HKEY_USERS\S-1-5-18\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
 < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ ->
 HKEY_USERS\S-1-5-18\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
 < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ ->
 HKEY_USERS\S-1-5-19\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
 < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ ->
 HKEY_USERS\S-1-5-19\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
 < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ ->
 HKEY_USERS\S-1-5-20\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
 < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ ->
 HKEY_USERS\S-1-5-20\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
 < Trusted Sites Domains [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\Internet Settings\ZoneMap\Domains\ ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
 line6.net .
  • -> Trusted sites ->
localhost .[http] -> Trusted sites ->
 < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\] > -> HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\Internet Settings\ZoneMap\Ranges\ ->
 HKEY_USERS\S-1-5-21-4119355899​-2911314421-214302231-1000\SOF​TWARE\Microsoft\Windows\Curren​tVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
 < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Code Store Database\Distribution Units\ ->
 {04CB5B64-5915-4629-B869-8945C​EBADD21} [HKLM] -> https://static.impots.gouv.fr/ [...] rtdgi1.cab [Module de délivrance de certificat MINEFI] ->
 {0EB0E74A-2A76-4AB3-A7FB-9BD8C​29F7F75} [HKLM] -> http://webscanner.kaspersky.fr [...] nicode.cab [CKAVWebScan Object] ->
 {166B1BCA-3F9C-11CF-8075-44455​3540000} [HKLM] -> http://download.macromedia.com [...] tor/sw.cab [Shockwave ActiveX Control] ->
 {17492023-C23A-453E-A040-C7C58​0BBF700} [HKLM] -> http://download.microsoft.com/ [...] ontrol.cab [Windows Genuine Advantage Validation Tool] ->
 {1E54D648-B804-468d-BC78-4AFFE​D8E262F} [HKLM] -> http://www.nvidia.com/content/ [...] ab_nvd.cab [System Requirements Lab Class] ->
 {39B0684F-D7BF-4743-B050-FDC3F​48F7E3B} [HKLM] -> http://www.fileplanet.com/fpdl [...] .7.109.cab [CDownloadCtrl Object] ->
 {4871A87A-BFDD-4106-8153-FFDE2​BAC2967} [HKLM] -> http://dlm.tools.akamai.com/dl [...] .2.4.8.cab [DLM Control] ->
 {67DABFBF-D0AB-41FA-9C46-CC0F2​1721616} [HKLM] -> http://download.divx.com/playe [...] Plugin.cab [DivXBrowserPlugin Object] ->
 {88764F69-3831-4EC1-B40B-FF21D​8381345} [HKLM] -> https://static.impots.gouv.fr/ [...] DP-1.1.cab [AdVerifierADPCtrl Class] ->
 {8AD9C840-044E-11D1-B3E9-00805​F499D93} [HKLM] -> http://java.sun.com/update/1.6 [...] s-i586.cab [Java Plug-in 1.6.0_14] ->
 {CAFEEFAC-0016-0000-0014-ABCDE​FFEDCBA} [HKLM] -> http://java.sun.com/update/1.6 [...] s-i586.cab [Java Plug-in 1.6.0_14] ->
 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} [HKLM] -> http://java.sun.com/update/1.6 [...] s-i586.cab [Java Plug-in 1.6.0_14] ->
 {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} [HKLM] -> http://platformdl.adobe.com/NO [...] 1.6/gp.cab [Reg Error: Key error.] ->
 < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\Tcpip\P​arameters\ ->
 DhcpNameServer -> 192.168.1.254 ->
 < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\Tcpip\P​arameters\Adapters\ ->
 {ECAD6550-649C-45FE-AF24-1D83F​1F6C410}\\DhcpNameServer -> 192.168.1.254   (Liaison WiFi sans fil Intel(R) 4965AGN) ->
 < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon ->
 *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\\Sh​ell ->
 Explorer.exe -> C:\Windows\explorer.exe -> [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
 *MultiFile Done* -> ->
 *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Winlogon\\VM​Applet ->
 SystemPropertiesPerformance.ex​e -> C:\Windows\System32\SystemProp​ertiesPerformance.exe -> [2009/07/14 02:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
 /pagefile ->  -> File not found
 *MultiFile Done* -> ->
 < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\ShellServiceObjectDelayLoad ->
 "{E6FB5E20-DE35-11CF-9C87-00AA​005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
 < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\ShellExecuteHooks ->
 "{B5A7F190-DDA6-4420-B3BA-5245​3494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 14:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation)
 < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Lsa\\Sec​urity Packages ->
 *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Lsa\\Sec​urity Packages ->
 pku2u -> C:\Windows\System32\pku2u.dll -> [2009/07/14 02:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation)
 *MultiFile Done* -> ->
 < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SharedA​ccess\Parameters\FirewallPolic​y\StandardProfile\AuthorizedAp​plications\List ->
 "C:\Acer\Empowering Technology\eDataSecurity\decry​ption.exe" -> C:\Acer\Empowering Technology\eDataSecurity\decry​ption.exe [C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption] -> File not found
 "C:\Acer\Empowering Technology\eDataSecurity\eDSfs​u.exe" -> C:\Acer\Empowering Technology\eDataSecurity\eDSfs​u.exe [C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu] -> File not found
 "C:\Acer\Empowering Technology\eDataSecurity\encry​ption.exe" -> C:\Acer\Empowering Technology\eDataSecurity\encry​ption.exe [C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption] -> File not found
 < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot ->
 < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\Cdrom ->
 "AutoRun" -> 1 ->
 "DisplayName" -> Pilote de CD-ROM ->
 "ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
 < Drives with AutoRun files > ->  ->
 C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009/06/10 22:42:20 | 000,000,024 | ---- | M] ()
 < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Explorer\MountPoints2 ->
 < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[command]\command ->
 comfile [open] -> "%1" %* ->
 exefile [open] -> "%1" %* ->
 < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>\ ->
 .com [@ = comfile] -> "%1" %* ->
 .exe [@ = exefile] -> "%1" %* ->
 
 [Registry - Additional Scans - Safe List]
 < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[command]\command ->
 batfile [open] -> "%1" %* ->
 cmdfile [open] -> "%1" %* ->
 comfile [open] -> "%1" %* ->
 cplfile [cplopen] -> %SystemRoot%\System32\control.​exe "%1",%* -> [2009/07/14 02:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
 exefile [open] -> "%1" %* ->
 hlpfile [open] -> %SystemRoot%\winhlp32.exe %1 -> [2009/07/14 02:14:45 | 000,009,728 | ---- | M] (Microsoft Corporation)
 htmlfile [edit] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 09:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
 htmlfile [print] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 09:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
 piffile [open] -> "%1" %* ->
 scrfile [config] -> "%1" ->
 scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2009/07/14 02:14:08 | 000,128,000 | ---- | M] (Microsoft Corporation)
 scrfile [open] -> "%1" /S ->
 Unknown [openas] -> %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1 ->
 Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2009/07/14 02:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation)
 Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
 Directory [OneNote.Open] -> C:\PROGRA~1\MICROS~4\Office12\​ONENOTE.EXE "%L" -> File not found
 Folder [open] -> %SystemRoot%\Explorer.exe -> [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
 Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation)
 < EventViewer Logs - Last 10 Errors > -> Event Information -> Description
 Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
 [Files/Folders - Created Within 30 Days]
 Trend Micro -> C:\Program Files\Trend Micro -> [2010/03/18 15:42:07 | 000,000,000 | ---D | C]
 RootRepeal -> C:\RootRepeal -> [2010/03/18 15:36:04 | 000,000,000 | ---D | C]
 Vega5maj -> C:\Vega5maj -> [2010/03/15 19:48:50 | 000,000,000 | ---D | C]
 Vega5 -> C:\Vega5 -> [2010/03/15 19:48:50 | 000,000,000 | ---D | C]
 browserchoice.exe -> C:\Windows\System32\browsercho​ice.exe -> [2010/03/15 15:50:33 | 000,293,376 | ---- | C] (Microsoft Corporation)
 Applications -> C:\Users\Nicolas\Bureau\Applic​ations -> [2010/03/13 16:32:17 | 000,000,000 | -H-D | C]
 Outils -> C:\Users\Nicolas\Bureau\Outils -> [2010/03/12 23:14:39 | 000,000,000 | RH-D | C]
 Multimedia -> C:\Users\Nicolas\Bureau\Multim​edia -> [2010/03/12 23:00:06 | 000,000,000 | RH-D | C]
 Image -> C:\Users\Nicolas\Bureau\Image -> [2010/03/12 19:50:07 | 000,000,000 | RH-D | C]
 Energie -> C:\Users\Nicolas\Bureau\Energi​e -> [2010/03/12 19:43:14 | 000,000,000 | -H-D | C]
 Digital Wave Player -> D:\Nicolas\Documents\Digital Wave Player -> [2010/03/11 22:38:47 | 000,000,000 | ---D | C]
 SNWValid.dll -> C:\Windows\System32\SNWValid.d​ll -> [2010/03/11 21:55:32 | 000,231,936 | R--- | C] (Cendant Software)
 SierraNW.dll -> C:\Windows\System32\SierraNW.d​ll -> [2010/03/11 21:55:31 | 001,022,976 | R--- | C] (Cendant Software)
 IsUninst.Exe -> C:\Windows\IsUninst.Exe -> [2010/03/11 21:55:28 | 000,327,168 | ---- | C] (InstallShield Software Corporation)
 MFC250.DLL -> C:\Windows\System32\MFC250.DLL -> [2010/03/11 21:54:46 | 000,320,880 | R--- | C] (Microsoft Corporation)
 MFCOLEUI.DLL -> C:\Windows\System32\MFCOLEUI.D​LL -> [2010/03/11 21:54:46 | 000,146,976 | R--- | C] (Microsoft Corporation)
 MFCO250.DLL -> C:\Windows\System32\MFCO250.DL​L -> [2010/03/11 21:54:46 | 000,125,344 | R--- | C] (Microsoft Corporation)
 MFCD250.DLL -> C:\Windows\System32\MFCD250.DL​L -> [2010/03/11 21:54:46 | 000,051,920 | R--- | C] (Microsoft Corporation)
 MFCN250.DLL -> C:\Windows\System32\MFCN250.DL​L -> [2010/03/11 21:54:46 | 000,011,072 | R--- | C] (Microsoft Corporation)
 Sierra On-Line -> C:\Program Files\Sierra On-Line -> [2010/03/11 21:54:30 | 000,000,000 | ---D | C]
 SIERRA -> C:\SIERRA -> [2010/03/11 21:54:30 | 000,000,000 | ---D | C]
 Unity -> C:\Users\Nicolas\AppData\Local​\Unity -> [2010/03/11 20:12:53 | 000,000,000 | ---D | C]
 jscript.dll -> C:\Windows\System32\jscript.dl​l -> [2010/02/24 18:39:12 | 000,716,800 | ---- | C] (Microsoft Corporation)
 CPFilters.dll -> C:\Windows\System32\CPFilters.​dll -> [2010/02/24 18:39:09 | 000,641,536 | ---- | C] (Microsoft Corporation)
 psisdecd.dll -> C:\Windows\System32\psisdecd.d​ll -> [2010/02/24 18:39:09 | 000,465,408 | ---- | C] (Microsoft Corporation)
 msdri.dll -> C:\Windows\System32\msdri.dll -> [2010/02/24 18:39:09 | 000,417,792 | ---- | C] (Microsoft Corporation)
 MSNP.ax -> C:\Windows\System32\MSNP.ax -> [2010/02/24 18:39:09 | 000,204,288 | ---- | C] (Microsoft Corporation)
 tzres.dll -> C:\Windows\System32\tzres.dll -> [2010/02/24 18:39:06 | 000,002,048 | ---- | C] (Microsoft Corporation)
 LiveCAD3 -> C:\Users\Nicolas\AppData\Roami​ng\LiveCAD3 -> [2010/02/21 22:59:39 | 000,000,000 | ---D | C]
 XAudio2_6.dll -> C:\Windows\System32\XAudio2_6.​dll -> [2010/02/21 22:59:32 | 000,528,216 | ---- | C] (Microsoft Corporation)
 xactengine3_6.dll -> C:\Windows\System32\xactengine​3_6.dll -> [2010/02/21 22:59:32 | 000,238,936 | ---- | C] (Microsoft Corporation)
 XAPOFX1_4.dll -> C:\Windows\System32\XAPOFX1_4.​dll -> [2010/02/21 22:59:32 | 000,074,072 | ---- | C] (Microsoft Corporation)
 X3DAudio1_7.dll -> C:\Windows\System32\X3DAudio1_​7.dll -> [2010/02/21 22:59:31 | 000,022,360 | ---- | C] (Microsoft Corporation)
 XAudio2_5.dll -> C:\Windows\System32\XAudio2_5.​dll -> [2010/02/21 22:59:30 | 000,515,416 | ---- | C] (Microsoft Corporation)
 XAPOFX1_3.dll -> C:\Windows\System32\XAPOFX1_3.​dll -> [2010/02/21 22:59:30 | 000,069,464 | ---- | C] (Microsoft Corporation)
 d3dcsx_42.dll -> C:\Windows\System32\d3dcsx_42.​dll -> [2010/02/21 22:59:29 | 005,501,792 | ---- | C] (Microsoft Corporation)
 D3DCompiler_42.dll -> C:\Windows\System32\D3DCompile​r_42.dll -> [2010/02/21 22:59:29 | 001,974,616 | ---- | C] (Microsoft Corporation)
 d3dx10_42.dll -> C:\Windows\System32\d3dx10_42.​dll -> [2010/02/21 22:59:29 | 000,453,456 | ---- | C] (Microsoft Corporation)
 xactengine3_5.dll -> C:\Windows\System32\xactengine​3_5.dll -> [2010/02/21 22:59:29 | 000,238,936 | ---- | C] (Microsoft Corporation)
 d3dx11_42.dll -> C:\Windows\System32\d3dx11_42.​dll -> [2010/02/21 22:59:29 | 000,235,344 | ---- | C] (Microsoft Corporation)
 D3DX9_42.dll -> C:\Windows\System32\D3DX9_42.d​ll -> [2010/02/21 22:59:28 | 001,892,184 | ---- | C] (Microsoft Corporation)
 XAudio2_2.dll -> C:\Windows\System32\XAudio2_2.​dll -> [2010/02/21 22:59:27 | 000,509,448 | ---- | C] (Microsoft Corporation)
 XAPOFX1_1.dll -> C:\Windows\System32\XAPOFX1_1.​dll -> [2010/02/21 22:59:27 | 000,068,616 | ---- | C] (Microsoft Corporation)
 xactengine3_2.dll -> C:\Windows\System32\xactengine​3_2.dll -> [2010/02/21 22:59:26 | 000,238,088 | ---- | C] (Microsoft Corporation)
 msdownld.tmp -> C:\Windows\msdownld.tmp -> [2010/02/21 22:44:12 | 000,000,000 | -H-D | C]
 directx -> C:\Windows\System32\directx -> [2010/02/21 22:44:09 | 000,000,000 | ---D | C]
 LiveCAD -> C:\Program Files\LiveCAD -> [2010/02/21 22:43:50 | 000,000,000 | ---D | C]
 My Stationery -> D:\Nicolas\Documents\My Stationery -> [2010/02/20 16:25:50 | 000,000,000 | R-SD | C]
 Bouygues-BboxMini.649F13D0CDF9​68A472A16014E8BC8A2ED131D04E.1 -> C:\Users\Nicolas\AppData\Roami​ng\Bouygues-BboxMini.649F13D0C​DF968A472A16014E8BC8A2ED131D04​E.1 -> [2010/02/19 17:43:12 | 000,000,000 | ---D | C]
 Bouygues Telecom Mes services en un clic -> C:\Program Files\Bouygues Telecom Mes services en un clic -> [2010/02/19 17:43:09 | 000,000,000 | ---D | C]
 Adobe AIR -> C:\Program Files\Common Files\Adobe AIR -> [2010/02/19 17:43:07 | 000,000,000 | ---D | C]
 Plans -> D:\Nicolas\Documents\Plans -> [2010/02/18 21:23:40 | 000,000,000 | ---D | C]
 LXBUhcp.dll -> C:\Windows\System32\LXBUhcp.dl​l -> [2009/08/23 14:30:56 | 000,323,584 | ---- | C] ( )
 lxdehcp.dll -> C:\Windows\System32\lxdehcp.dl​l -> [2009/05/14 20:19:28 | 000,434,176 | ---- | C] ( )
 PLFSet.dll -> C:\Windows\PLFSet.dll -> [2008/01/20 17:48:05 | 000,045,056 | ---- | C] ( )
 rsnp2uvc.dll -> C:\Windows\System32\rsnp2uvc.d​ll -> [2008/01/20 17:48:04 | 000,172,032 | ---- | C] ( )
 csnp2uvc.dll -> C:\Windows\System32\csnp2uvc.d​ll -> [2008/01/20 17:48:04 | 000,053,248 | ---- | C] ( )
 lxdepmui.dll -> C:\Windows\System32\lxdepmui.d​ll -> [2007/05/17 15:08:58 | 000,647,168 | ---- | C] ( )
 lxdeserv.dll -> C:\Windows\System32\lxdeserv.d​ll -> [2007/05/17 15:06:39 | 001,200,128 | ---- | C] ( )
 lxdelmpm.dll -> C:\Windows\System32\lxdelmpm.d​ll -> [2007/05/17 15:00:32 | 000,565,248 | ---- | C] ( )
 lxdecomm.dll -> C:\Windows\System32\lxdecomm.d​ll -> [2007/05/17 15:00:32 | 000,364,544 | ---- | C] ( )
 lxdeinpa.dll -> C:\Windows\System32\lxdeinpa.d​ll -> [2007/05/17 15:00:32 | 000,356,352 | ---- | C] ( )
 lxdehbn3.dll -> C:\Windows\System32\lxdehbn3.d​ll -> [2007/05/17 14:59:33 | 000,663,552 | ---- | C] ( )
 lxdeusb1.dll -> C:\Windows\System32\lxdeusb1.d​ll -> [2007/05/17 14:57:52 | 000,950,272 | ---- | C] ( )
 lxdecomc.dll -> C:\Windows\System32\lxdecomc.d​ll -> [2007/05/17 14:56:55 | 000,860,160 | ---- | C] ( )
 lxdeiesc.dll -> C:\Windows\System32\lxdeiesc.d​ll -> [2007/05/17 14:52:56 | 000,339,968 | ---- | C] ( )
 lxdeprox.dll -> C:\Windows\System32\lxdeprox.d​ll -> [2007/05/17 14:51:29 | 000,053,248 | ---- | C] ( )
 2 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->
 
 [Files/Folders - Modified Within 30 Days]
 NTUSER.DAT -> C:\Users\Nicolas\NTUSER.DAT -> [2010/03/18 19:03:51 | 006,553,600 | -HS- | M] ()
 bootstat.dat -> C:\Windows\bootstat.dat -> [2010/03/18 18:26:57 | 000,067,584 | --S- | M] ()
 GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateT​askMachineUA.job -> [2010/03/18 17:16:00 | 000,001,054 | ---- | M] ()
 settings.dat -> C:\Windows\System32\settings.d​at -> [2010/03/18 15:48:28 | 000,000,000 | ---- | M] ()
 RootRepeal.zip -> C:\RootRepeal.zip -> [2010/03/18 15:33:17 | 000,464,491 | ---- | M] ()
 GoogleUpdateTaskMachineCore.jo​b -> C:\Windows\tasks\GoogleUpdateT​askMachineCore.job -> [2010/03/18 14:16:00 | 000,001,050 | ---- | M] ()
 Google Software Updater.job -> C:\Windows\tasks\Google Software Updater.job -> [2010/03/18 14:10:18 | 000,001,002 | ---- | M] ()
 7B296FB0-376B-497e-B012-9C450E​1B7327-5P-1.C7483456-A289-439d​-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-5P-​1.C7483456-A289-439d-8115-6016​32D005A0 -> [2010/03/17 19:53:48 | 000,009,504 | -H-- | M] ()
 7B296FB0-376B-497e-B012-9C450E​1B7327-5P-0.C7483456-A289-439d​-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-5P-​0.C7483456-A289-439d-8115-6016​32D005A0 -> [2010/03/17 19:53:48 | 000,009,504 | -H-- | M] ()
 GlaryInitialize.job -> C:\Windows\tasks\GlaryInitiali​ze.job -> [2010/03/17 19:46:38 | 000,000,316 | ---- | M] ()
 SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/03/17 19:46:22 | 000,000,006 | -H-- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2010/03/17 19:46:10 | 2414,682,112 | -HS- | M] ()
 IconCache.db -> C:\Users\Nicolas\AppData\Local​\IconCache.db -> [2010/03/17 18:43:53 | 007,543,752 | -H-- | M] ()
 nicolasmasson.mny -> D:\Nicolas\Documents\nicolasma​sson.mny -> [2010/03/17 18:40:21 | 004,231,168 | ---- | M] ()
 nicolasmasson.mbf -> D:\Nicolas\Documents\nicolasma​sson.mbf -> [2010/03/17 18:40:17 | 004,232,584 | R--- | M] ()
 Local.doc -> C:\Users\Nicolas\Bureau\Local.​doc -> [2010/03/14 15:51:56 | 000,102,400 | ---- | M] ()
 ntuser.pol -> C:\ProgramData\ntuser.pol -> [2010/03/12 22:42:01 | 000,000,290 | RHS- | M] ()
 theme.themepack -> C:\Users\Nicolas\AppData\Roami​ng\theme.themepack -> [2010/03/12 18:49:28 | 000,929,107 | ---- | M] ()
 SIERRA.INI -> C:\Windows\SIERRA.INI -> [2010/03/11 21:56:16 | 000,000,284 | ---- | M] ()
 PerfStringBackup.INI -> C:\Windows\System32\PerfString​Backup.INI -> [2010/02/26 15:02:55 | 001,533,788 | ---- | M] ()
 perfh00C.dat -> C:\Windows\System32\perfh00C.d​at -> [2010/02/26 15:02:55 | 000,698,204 | ---- | M] ()
 perfh009.dat -> C:\Windows\System32\perfh009.d​at -> [2010/02/26 15:02:55 | 000,610,538 | ---- | M] ()
 perfc00C.dat -> C:\Windows\System32\perfc00C.d​at -> [2010/02/26 15:02:55 | 000,128,748 | ---- | M] ()
 perfc009.dat -> C:\Windows\System32\perfc009.d​at -> [2010/02/26 15:02:55 | 000,104,598 | ---- | M] ()
 2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp ->
 2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp ->
 2 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->
 
 [Files - No Company Name]
 settings.dat -> C:\Windows\System32\settings.d​at -> [2010/03/18 15:48:28 | 000,000,000 | ---- | C] ()
 RootRepeal.zip -> C:\RootRepeal.zip -> [2010/03/18 15:33:17 | 000,464,491 | ---- | C] ()
 Local.doc -> C:\Users\Nicolas\Bureau\Local.​doc -> [2010/03/14 15:19:19 | 000,102,400 | ---- | C] ()
 theme.themepack -> C:\Users\Nicolas\AppData\Roami​ng\theme.themepack -> [2010/03/12 18:49:27 | 000,929,107 | ---- | C] ()
 SIERRA.INI -> C:\Windows\SIERRA.INI -> [2010/03/11 21:53:58 | 000,000,284 | ---- | C] ()
 SoftWriting.ini -> C:\Windows\SoftWriting.ini -> [2010/02/02 22:44:26 | 000,000,327 | ---- | C] ()
 OdiOlDVR.dll -> C:\Windows\System32\OdiOlDVR.d​ll -> [2009/12/16 15:46:34 | 000,114,688 | ---- | C] ()
 OdiAPI.dll -> C:\Windows\System32\OdiAPI.dll -> [2009/12/16 15:46:34 | 000,053,248 | ---- | C] ()
 EhStorAuthn.dll -> C:\Windows\System32\EhStorAuth​n.dll -> [2009/10/20 16:58:50 | 000,117,248 | ---- | C] ()
 ImportClient.INI -> C:\Windows\ImportClient.INI -> [2009/08/27 01:34:13 | 000,000,075 | ---- | C] ()
 LXBUinst.dll -> C:\Windows\System32\LXBUinst.d​ll -> [2009/08/23 14:30:56 | 000,274,432 | ---- | C] ()
 DeskHack.dll -> C:\Windows\System32\DeskHack.d​ll -> [2009/07/24 13:58:53 | 000,012,800 | ---- | C] ()
 AVSredirect.dll -> C:\Windows\System32\AVSredirec​t.dll -> [2009/07/21 00:39:15 | 000,027,648 | ---- | C] ()
 GlobalUserInterface.CompositeF​ont -> C:\Windows\Fonts\GlobalUserInt​erface.CompositeFont -> [2009/07/14 05:52:31 | 000,043,318 | ---- | C] ()
 GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.C​ompositeFont -> [2009/07/14 05:52

(Publicité)
  1. Posté le 18/03/2010 à 23:36:06  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Télécharger le logiciel suivant: Malwarebytes' Anti-Malware (Gratuit) (Windows 2K et + 32/64 bits)

 http://www.malwarebytes.org/mbam.php

 Une fois installé lorsques que vous allez démarrer le logiciel il va demander de ce mettre à jour et cliquer "ok".

 Sinon cliquer sur l'onglet "mise à jour" et sur "Recherche de mise à jour" pour la version gratuite avant chaque scan.

 Dans l'onglet "Recherche" ,Vérifier que c'est bien "Exécuter un examen complet" qui est coché et appuyer le bouton "Rechercher".

 Quand il aura fini cliquer sur "ok".

 Vous allez maintenant être de retour à l'écran principal de la recherche. Cliquer sur "Afficher les résultats".
 Maintenant vous allez voir le résultat avec les fichiers infectés.

 Cliquer ensuite "Supprimer la Selection" et une fois terminée, il va ouvrir le "Bloc note" avec le résultat du travail.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 20/03/2010 à 12:20:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai toujours le même probleme, malgres la suppression avec MalwarBytes

 Malwarebytes' Anti-Malware 1.44
 Version de la base de données: 3510
 Windows 6.1.7600
 Internet Explorer 8.0.7600.16385

 14/03/2010 23:29:27
 mbam-log-2010-03-14 (23-29-27).txt

 Type de recherche: Examen complet (C:\|D:\|Q:\|)
 Eléments examinés: 448179
 Temps écoulé: 1 hour(s), 37 minute(s), 7 second(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 2
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 0
 Fichier(s) infecté(s): 0

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{1d4db7d2-6ec9-47​a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{1e0de227-5ce4-4e​a3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 (Aucun élément nuisible détecté)

 Fichier(s) infecté(s):
 (Aucun élément nuisible détecté)

  1. Posté le 20/03/2010 à 18:50:55  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Faites un scan avec ceci:



 Télécharger RootRepeal sur votre bureau.

 http://rootrepeal.googlepages.com/RootRepeal.zip

 Créer ensuite un nouveau répertoire dans c:\. Ouvrir le "Poste de Travail" ou Explorateur Windows et faire bouton de droit sur c:\ sélectionner "Nouveau" et "Dossier". Vous allez le nommer RootRepeal.

 Le fichier est en format "ZIP" donc il faut le décompresser dans le nouveau dossier RootRepeal. Vous cliquez droit sur le fichier RootRepeal.zip et cliquer sur "extraire vers" et choisir C:\RootRepeal.

 Pour démarrer le logiciel sous Vista et Windows 7, vous devez faire bouton droit sur RootRepeal.exe et exécuter en tant qu'administrateur.

 Maintenant voici comment le paramétrer.

 Cliquez sur l'onglet Report puis sur le bouton Scan, vous cochez: Drivers, Files, Processes, SSDT, Stealth Objects, Hidden Services et Shadow SSDT et cliquer "OK".
 Choisir la partition du système d'exploitation. Normalement "C:\" qui est à scanner. Ne rien faire pendant le scan.
 À la fin du scan, cliquer sur le bouton "Save report" et enregistrer le log dans le dossier RootRepeal sous le nom RootRepeal111.txt.
 Fournir le log complet sur un forum même s'il est très long. Prendre plus d'un "post".

(Publicité)
nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 21/03/2010 à 19:50:14  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Désolé, mais le logiciel ne marche pas. Pourtant j'exécute en tant qu'administrateur.

 http://img115.imageshack.us/im​g115/5700/capturepa.jpg

  1. Posté le 22/03/2010 à 00:24:18  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bon ok!

 Vérifions alors avec ceci:

 Télécharger le démo de 30 jours de Hitman Pro qui est pleinement fonctionnel et scanner votre machine. Redémarrer si demandé. Prendre la version 32 ou 64 bits selon votre Windows.
 http://www.surfright.nl/en/hitmanpro

 Trouve t-il quelque chose ?


nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 22/03/2010 à 21:32:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Il n'a rien trouvé

 Ne serait-ce pas un problème dans l'OS lui même ?

(Publicité)
  1. Posté le 23/03/2010 à 03:15:59  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Quel est le message des icône du panneau de configuration ?

 Faire également un log avec RSIT ici:

 Téléchargement de Random's system information tool Incompatible windows 7 64 bit

 http://images.malwareremoval.com/random/RSIT.exe

 Cliquez pour le télécharger et dans enregistrer sous le mettre sur le bureau. Cliquer sur le fichier pour générer les logs. RSIT installe Hijackthis en même temps.

 Ensuite vous cliquez sur RSIT.exe. Cliquer sur "continuer" ou changer le temps par défaut soit un mois à 2 ou 3 mois si vous pensez que l'infection date de ce temps.

 Le scan terminée, 2 fenêtres "bloc note" vont s'ouvrir. Vous me copier/coller log.txt en premier et info.txt en second.

 Dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/03/2010 à 19:54:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Le scan ne peut pas se lancer, ça plante à "listing services and drivers" :

 http://img405.imageshack.us/im​g405/9611/capturebv.jpg

  1. Posté le 23/03/2010 à 20:01:37  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Vous avez Windows 7 il est incompatible mais nous allons arranger cela!

 Faire bouton droit Propriétés sur RSIT.exe et aller dans l'onglet Compatibilité et cocher: "Exécuter en programme en mode de compatibilité pour:" et choisir Windows Vista sp2 et cliquer appliquer.

 Re-cliquer sur RIST.exe

(Publicité)
nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/03/2010 à 21:12:34  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Logfile of random's system information tool 1.06 (written by random/random)
 Run by Nicolas at 2010-03-23 21:04:59
 Microsoft Windows 7 Édition Familiale Premium  Service Pack 2
 System drive C: has 32 GB (28%) free of 114 GB
 Total RAM: 3070 MB (56% free)

 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 21:05:01, on 23/03/2010
 Platform: Unknown Windows (WinNT 6.01.3504)
 MSIE: Internet Explorer v8.00 (8.00.7600.16385)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Program Files\Synaptics\SynTP\SynTPSta​rt.exe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Program Files\Launch Manager\QtZgAcer.EXE
 C:\Program Files\RocketDock\RocketDock.ex​e
 C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
 C:\Program Files\Windows Live\Mail\wlmail.exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Program Files\Safari\Safari.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Users\Nicolas\Bureau\RSIT.e​xe
 C:\Program Files\trend micro\Nicolas.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://google.fr/
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_U​RL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = *.local
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B​94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
 O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1​D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA​8380DBA} - C:\Program Files\FlashGet\getflash.dll
 O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPSta​rt.exe
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [Skytel] Skytel.exe
 O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSe​tting
 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
 O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
 O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\Windows\system32\spool\DRIV​ERS\W32X86\3\LXBUtime.dll,_Run​DLLEntry@16
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.​EXE
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.ex​e"
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.e​xe (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.e​xe (User 'SERVICE RÉSEAU')
 O4 - Startup: Logitech Touch Mouse Server.lnk = C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
 O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
 O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Off​ice12\EXCEL.EXE/3000
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~4\Office12\​ONBttnIE.dll
 O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663E​E0C6C49} - C:\PROGRA~1\MICROS~4\Office12\​ONBttnIE.dll
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~4\Office12\​REFIEBAR.DLL
 O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050B​A6940E3} - C:\Program Files\FlashGet\FlashGet.exe
 O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050B​A6940E3} - C:\Program Files\FlashGet\FlashGet.exe
 O13 - Gopher Prefix:
 O15 - Trusted Zone: *.line6.net
 O16 - DPF: {04CB5B64-5915-4629-B869-8945C​EBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/ [...] rtdgi1.cab
 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C​29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr [...] nicode.cab
 O16 - DPF: {1E54D648-B804-468d-BC78-4AFFE​D8E262F} (System Requirements Lab) - http://www.nvidia.com/content/ [...] ab_nvd.cab
 O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F​48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdl [...] .7.109.cab
 O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2​BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dl [...] .2.4.8.cab
 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F2​1721616} (DivXBrowserPlugin Object) - http://download.divx.com/playe [...] Plugin.cab
 O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D​8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/ [...] DP-1.1.cab
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB62​48B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemSe​rvices.dll
 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKY​PE4~1.DLL
 O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
 O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe
 O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.ex​e
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e
 O23 - Service: Service Google Update (gupdate1ca0556c29c4cf0) (gupdate1ca0556c29c4cf0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe
 O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
 O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe
 O23 - Service: Raw Socket Service (RS_Service) - Acer Inc. - C:\Program Files\Acer\Acer VCM\RS_Service.exe
 O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.​exe
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 8959 bytes

 ======Scheduled tasks folder======

 C:\Windows\tasks\GlaryInitiali​ze.job
 C:\Windows\tasks\Google Software Updater.job
 C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 C:\Windows\tasks\GoogleUpdateT​askMachineUA.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
 FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
 Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2009-02-12 2217848]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
 Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
 Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNoti​fier\5.1.1309.3572\swg.dll [2009-07-15 668656]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
 FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run]
 "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPSta​rt.exe [2007-12-14 102400]
 "RtHDVCpl"=C:\Windows\RtHDVCpl​.exe [2007-12-14 4702208]
 "Skytel"=C:\Windows\Skytel.exe [2007-12-14 1826816]
 "PLFSet"=C:\Windows\PLFSet.dll [2007-04-25 45056]
 "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
 "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-12-14 174616]
 "LXBUCATS"=rundll32 C:\Windows\system32\spool\DRIV​ERS\W32X86\3\LXBUtime.dll,_Run​DLLEntry@16 []
 "LManager"=C:\PROGRA~1\LAUNCH~​1\QtZgAcer.EXE [2007-12-14 707080]
 "NvCplDaemon"=C:\Windows\syste​m32\NvCpl.dll [2009-08-06 13797920]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Run]
 "RocketDock"=C:\Program Files\RocketDock\RocketDock.ex​e [2007-09-02 495616]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\AlcoholAutomount]
 C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2009-04-24 203416]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\eDat​aSecurity Loader]
 []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Goog​le Update]
 C:\Users\Nicolas\AppData\Local​\Google\Update\GoogleUpdate.ex​e /c []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\GrooveMonitor]
 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.​exe [2008-10-25 31072]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\igndlm.exe]
 C:\Program Files\Download Manager\DLM.exe [2008-08-01 1103216]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\iTunesHelper]
 C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\lxdeamon]
 C:\Program Files\Lexmark 4800 Series\lxdeamon.exe [2007-06-01 20480]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\lxdemon.exe]
 C:\Program Files\Lexmark 4800 Series\lxdemon.exe [2007-06-11 455600]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Quic​kTime Task]
 C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Sidebar]
 C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 C:\Program Files\Java\jre6\bin\jusched.ex​e [2009-05-21 148888]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\UtiliSync]
 []

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
 C:\Program Files\VirtualCloneDrive\VCDDae​mon.exe [2009-05-26 85160]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\WarReg_PopUp]
 C:\Acer\WR_PopUp\WarReg_PopUp.​exe [2006-11-05 57344]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\Wind​ows Defender]
 C:\Program Files\Windows Defender\MSASCui.exe [2009-07-14 660480]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\WMPNSCFG]
 C:\Program Files\Windows Media Player\WMPNSCFG.exe [2009-07-14 65024]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupfolder\C​:^ProgramData^Microsoft^Window​s^Start Menu^Programs^Startup^Empoweri​ng Technology Launcher.lnk]
 C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupfolder\C​:^ProgramData^Microsoft^Window​s^Start Menu^Programs^Startup^Event Reminder.lnk]
 C:\PROGRA~1\BRODER~1\PRINTM~1\​PMremind.exe [2001-10-29 323584]

 C:\Users\Nicolas\AppData\Roami​ng\Microsoft\Windows\Start Menu\Programs\Startup
 Logitech Touch Mouse Server.lnk - C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe

 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\ShellExecuteHooks]
 "{B5A7F190-DDA6-4420-B3BA-5245​3494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExt​ensions.dll [2009-02-12 2217848]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\EFS]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\Power]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\RpcEptMapper]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\vmms]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\WudfPf]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\WudfRd]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\Minimal\WudfSvc]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\EFS]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\hitmanpro35]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\hitmanpro35.sys]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\ndiscap]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\Power]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\RpcEptMapper]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\VaultSvc]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\vmms]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfPf]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfRd]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfSvc]

 [HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\SafeBoot​\network\WudfUsbccidDriver]

 [HKEY_CURRENT_USER\Software\Mic​rosoft\Windows\CurrentVersion\​Policies\System]
 "RunStartupScriptSync"=1

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\System]
 "ConsentPromptBehaviorAdmin"=5
 "ConsentPromptBehaviorUser"=3
 "EnableUIADesktopToggle"=0
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1
 "legalnoticetext"=
 "RunStartupScriptSync"=1

 [HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Policies\explorer]
 "BindDirectlyToPropertySetStor​age"=
 "NoDriveAutoRun"=
 "NoDriveTypeAutoRun"=

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\standardprofile\authorizedap​plications\list]
 "C:\Acer\Empowering Technology\eDataSecurity\decry​ption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decry​ption.exe:*:Enabled:decryption​"
 "C:\Acer\Empowering Technology\eDataSecurity\eDSfs​u.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfs​u.exe:*:Enabled:eDSfsu"
 "C:\Acer\Empowering Technology\eDataSecurity\encry​ption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encry​ption.exe:*:Enabled:encryption​"

 [HKEY_LOCAL_MACHINE\system\curr​entcontrolset\services\shareda​ccess\parameters\firewallpolic​y\domainprofile\authorizedappl​ications\list]

 ======File associations======

 .js - edit - C:\Windows\System32\Notepad.ex​e %1
 .js - open - C:\Windows\System32\WScript.ex​e "%1" %*
 .reg - edit -
 .reg - open - c:\Winnt\Regedit.exe %1

 ======List of files/folders created in the last 3 months======

 2010-03-23 19:50:33 ----D---- C:\rsit
 2010-03-22 21:56:30 ----D---- C:\Program Files\IKEA HomePlanner
 2010-03-22 20:07:58 ----D---- C:\ProgramData\Hitman Pro
 2010-03-22 20:07:58 ----D---- C:\Program Files\Hitman Pro 3.5
 2010-03-18 15:42:07 ----D---- C:\Program Files\Trend Micro
 2010-03-18 15:36:04 ----D---- C:\RootRepeal
 2010-03-15 19:48:50 ----D---- C:\Vega5maj
 2010-03-15 19:48:50 ----D---- C:\Vega5
 2010-03-15 15:50:33 ----A---- C:\Windows\system32\browsercho​ice.exe
 2010-03-11 21:55:32 ----RA---- C:\Windows\system32\SNWValid.d​ll
 2010-03-11 21:55:31 ----RA---- C:\Windows\system32\SierraNW.d​ll
 2010-03-11 21:55:28 ----A---- C:\Windows\IsUninst.Exe
 2010-03-11 21:54:46 ----RA---- C:\Windows\system32\MFCOLEUI.D​LL
 2010-03-11 21:54:46 ----RA---- C:\Windows\system32\MFCO250.DL​L
 2010-03-11 21:54:46 ----RA---- C:\Windows\system32\MFCN250.DL​L
 2010-03-11 21:54:46 ----RA---- C:\Windows\system32\MFCD250.DL​L
 2010-03-11 21:54:46 ----RA---- C:\Windows\system32\MFC250.DLL
 2010-03-11 21:54:30 ----D---- C:\SIERRA
 2010-03-11 21:54:30 ----D---- C:\Program Files\Sierra On-Line
 2010-03-11 21:53:58 ----A---- C:\Windows\SIERRA.INI
 2010-02-24 18:39:12 ----A---- C:\Windows\system32\jscript.dl​l
 2010-02-24 18:39:09 ----A---- C:\Windows\system32\psisdecd.d​ll
 2010-02-24 18:39:09 ----A---- C:\Windows\system32\msdri.dll
 2010-02-24 18:39:09 ----A---- C:\Windows\system32\CPFilters.​dll
 2010-02-24 18:39:06 ----A---- C:\Windows\system32\tzres.dll
 2010-02-21 22:59:39 ----D---- C:\Users\Nicolas\AppData\Roami​ng\LiveCAD3
 2010-02-21 22:59:32 ----A---- C:\Windows\system32\XAudio2_6.​dll
 2010-02-21 22:59:32 ----A---- C:\Windows\system32\XAPOFX1_4.​dll
 2010-02-21 22:59:32 ----A---- C:\Windows\system32\xactengine​3_6.dll
 2010-02-21 22:59:31 ----A---- C:\Windows\system32\X3DAudio1_​7.dll
 2010-02-21 22:59:30 ----A---- C:\Windows\system32\XAudio2_5.​dll
 2010-02-21 22:59:30 ----A---- C:\Windows\system32\XAPOFX1_3.​dll
 2010-02-21 22:59:29 ----A---- C:\Windows\system32\xactengine​3_5.dll
 2010-02-21 22:59:29 ----A---- C:\Windows\system32\d3dx11_42.​dll
 2010-02-21 22:59:29 ----A---- C:\Windows\system32\d3dx10_42.​dll
 2010-02-21 22:59:29 ----A---- C:\Windows\system32\d3dcsx_42.​dll
 2010-02-21 22:59:29 ----A---- C:\Windows\system32\D3DCompile​r_42.dll
 2010-02-21 22:59:28 ----A---- C:\Windows\system32\D3DX9_42.d​ll
 2010-02-21 22:59:27 ----A---- C:\Windows\system32\XAudio2_2.​dll
 2010-02-21 22:59:27 ----A---- C:\Windows\system32\XAPOFX1_1.​dll
 2010-02-21 22:59:26 ----A---- C:\Windows\system32\xactengine​3_2.dll
 2010-02-21 22:44:12 ----HD---- C:\Windows\msdownld.tmp
 2010-02-21 22:44:09 ----D---- C:\Windows\system32\directx
 2010-02-21 22:43:50 ----D---- C:\Program Files\LiveCAD
 2010-02-19 17:43:12 ----D---- C:\Users\Nicolas\AppData\Roami​ng\Bouygues-BboxMini.649F13D0C​DF968A472A16014E8BC8A2ED131D04​E.1
 2010-02-19 17:43:09 ----D---- C:\Program Files\Bouygues Telecom Mes services en un clic
 2010-02-19 17:43:07 ----D---- C:\Program Files\Common Files\Adobe AIR
 2010-02-15 16:46:10 ----D---- C:\Program Files\iPhone Explorer
 2010-02-10 12:46:49 ----A---- C:\Windows\system32\ntkrnlpa.e​xe
 2010-02-10 12:46:49 ----A---- C:\Windows\system32\kernel32.d​ll
 2010-02-10 12:46:48 ----A---- C:\Windows\system32\ntoskrnl.e​xe
 2010-02-10 12:46:48 ----A---- C:\Windows\system32\apphelp.dl​l
 2010-02-10 12:46:47 ----A---- C:\Windows\system32\quartz.dll
 2010-02-10 12:46:46 ----A---- C:\Windows\system32\tsbyuv.dll
 2010-02-10 12:46:46 ----A---- C:\Windows\system32\msyuv.dll
 2010-02-10 12:46:46 ----A---- C:\Windows\system32\msvidc32.d​ll
 2010-02-10 12:46:46 ----A---- C:\Windows\system32\msrle32.dl​l
 2010-02-10 12:46:46 ----A---- C:\Windows\system32\mciavi32.d​ll
 2010-02-10 12:46:46 ----A---- C:\Windows\system32\iyuv_32.dl​l
 2010-02-10 12:46:46 ----A---- C:\Windows\system32\avifil32.d​ll
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\secproc_ss​p_isv.dll
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\secproc_ss​p.dll
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\secproc_is​v.dll
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\secproc.dl​l
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\RMActivate​_ssp_isv.exe
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\RMActivate​_ssp.exe
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\RMActivate​_isv.exe
 2010-02-10 12:46:44 ----A---- C:\Windows\system32\RMActivate​.exe
 2010-02-09 15:24:56 ----D---- C:\Program Files\Bitmanagement Software
 2010-02-02 22:44:26 ----A---- C:\Windows\SoftWriting.ini
 2010-02-02 22:44:24 ----D---- C:\Program Files\SimpleOCR
 2010-02-02 20:10:37 ----D---- C:\Program Files\iPod
 2010-02-02 20:10:36 ----D---- C:\Program Files\iTunes
 2010-02-02 20:09:06 ----D---- C:\Program Files\QuickTime
 2010-01-27 14:05:55 ----A---- C:\Windows\system32\winlogon.e​xe
 2010-01-27 14:05:55 ----A---- C:\Windows\explorer.exe
 2010-01-22 21:45:01 ----A---- C:\Windows\system32\mshtml.dll
 2010-01-22 21:45:01 ----A---- C:\Windows\system32\ieframe.dl​l
 2010-01-22 21:45:00 ----A---- C:\Windows\system32\wininet.dl​l
 2010-01-22 21:45:00 ----A---- C:\Windows\system32\urlmon.dll
 2010-01-22 21:45:00 ----A---- C:\Windows\system32\msfeedsbs.​dll
 2010-01-22 21:45:00 ----A---- C:\Windows\system32\iedkcs32.d​ll
 2010-01-18 20:09:59 ----D---- C:\Users\Nicolas\AppData\Roami​ng\dvdcss
 2010-01-16 16:33:21 ----D---- C:\Program Files\Logitech Touch Mouse Server
 2010-01-13 07:31:16 ----A---- C:\Windows\system32\t2embed.dl​l
 2010-01-13 07:31:16 ----A---- C:\Windows\system32\fontsub.dl​l
 2010-01-10 14:44:06 ----D---- C:\Program Files\Open Design Alliance
 2010-01-10 14:44:06 ----D---- C:\Program Files\Common Files\DWGdirectX 2.5
 2010-01-10 14:44:04 ----A---- C:\Windows\system32\tsccvid.dl​l
 2010-01-10 14:44:03 ----D---- C:\Users\Nicolas\AppData\Roami​ng\Anuman Interactive
 2010-01-10 14:43:22 ----A---- C:\Windows\system32\sevLock.dl​l
 2010-01-10 14:43:22 ----A---- C:\Windows\system32\CyViewer.d​ll
 2010-01-10 14:24:40 ----D---- C:\Program Files\Anuman Interactive
 2010-01-05 18:59:57 ----D---- C:\Users\Nicolas\AppData\Roami​ng\GlarySoft
 2010-01-05 18:06:51 ----D---- C:\Program Files\Glary Utilities

 ======List of files/folders modified in the last 3 months======

 2010-03-23 19:58:59 ----D---- C:\Windows\system32\config
 2010-03-23 19:51:39 ----D---- C:\Windows\Prefetch
 2010-03-23 19:48:56 ----D---- C:\Windows\system32\catroot
 2010-03-23 19:38:13 ----D---- C:\Windows\Temp
 2010-03-23 12:30:10 ----D---- C:\Windows\Tasks
 2010-03-23 09:39:00 ----HD---- C:\ProgramData
 2010-03-22 21:56:36 ----SHD---- C:\Windows\Installer
 2010-03-22 21:56:30 ----RD---- C:\Program Files
 2010-03-22 21:56:29 ----SHD---- C:\System Volume Information
 2010-03-22 21:55:59 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
 2010-03-22 21:35:19 ----D---- C:\Windows\system32\Tasks
 2010-03-22 20:08:09 ----D---- C:\Windows\system32\drivers
 2010-03-21 19:39:57 ----D---- C:\Program Files\Lx_cats
 2010-03-18 15:48:28 ----D---- C:\Windows\System32
 2010-03-15 15:50:40 ----D---- C:\Windows\winsxs
 2010-03-15 15:43:06 ----D---- C:\Windows
 2010-03-14 21:28:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
 2010-03-14 19:33:55 ----D---- C:\Windows\Downloaded Program Files
 2010-03-13 14:50:29 ----D---- C:\Program Files\RocketDock
 2010-03-12 18:32:15 ----D---- C:\Windows\system32\wdi
 2010-03-11 22:46:45 ----D---- C:\Windows\inf
 2010-03-11 22:46:44 ----D---- C:\Windows\system32\DriverStor​e
 2010-03-11 22:46:41 ----D---- C:\Windows\system32\catroot2
 2010-03-11 22:39:18 ----D---- C:\Windows\system32\FxsTmp
 2010-03-11 21:55:30 ----RSD---- C:\Windows\Fonts
 2010-03-10 22:02:58 ----D---- C:\ProgramData\Microsoft Help
 2010-03-10 22:02:30 ----D---- C:\Windows\AppPatch
 2010-03-06 22:59:47 ----D---- C:\Users\Nicolas\AppData\Roami​ng\Skype
 2010-03-06 22:43:10 ----D---- C:\Users\Nicolas\AppData\Roami​ng\skypePM
 2010-03-06 17:53:09 ----D---- C:\Windows\system32\fr-FR
 2010-03-02 20:39:09 ----D---- C:\Windows\system32\NDF
 2010-03-02 06:30:12 ----A---- C:\Windows\system32\MRT.exe
 2010-02-26 15:02:55 ----A---- C:\Windows\system32\PerfString​Backup.INI
 2010-02-25 18:08:16 ----D---- C:\Windows\Microsoft.NET
 2010-02-25 18:07:47 ----RSD---- C:\Windows\assembly
 2010-02-24 22:49:27 ----D---- C:\Windows\ehome
 2010-02-19 17:43:11 ----D---- C:\ProgramData\Adobe
 2010-02-19 17:43:07 ----D---- C:\Program Files\Common Files
 2010-02-19 17:42:44 ----D---- C:\Users\Nicolas\AppData\Roami​ng\Adobe
 2010-02-06 13:33:47 ----D---- C:\Program Files\Google
 2010-02-02 20:10:36 ----D---- C:\Program Files\Common Files\Apple
 2010-02-02 20:06:59 ----D---- C:\Program Files\Safari
 2010-01-29 19:39:48 ----HD---- C:\Program Files\InstallShield Installation Information
 2010-01-28 18:52:39 ----D---- C:\Program Files\Wizards of the Coast
 2010-01-27 15:46:50 ----D---- C:\Program Files\Internet Explorer
 2010-01-24 22:29:02 ----D---- C:\Users\Nicolas\AppData\Roami​ng\DocumentsToGoDesktop
 2010-01-21 11:24:29 ----D---- C:\Program Files\Microsoft Silverlight
 2010-01-06 16:13:52 ----D---- C:\ProgramData\NVIDIA
 2010-01-05 19:44:11 ----D---- C:\Windows\system32\sysprep
 2010-01-05 19:44:11 ----D---- C:\Windows\pss
 2010-01-05 19:44:11 ----D---- C:\Windows\Panther
 2010-01-05 19:44:08 ----D---- C:\Program Files\Nvu
 2010-01-05 19:44:08 ----D---- C:\Program Files\Microsoft Works
 2010-01-05 19:44:07 ----D---- C:\Windows\Minidump
 2010-01-05 18:34:41 ----D---- C:\Program Files\Acer Inc
 2010-01-05 18:34:28 ----D---- C:\Acer

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
 R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\av​ipbb.sys [2009-03-30 96104]
 R1 discache;@%systemroot%\system3​2\drivers\discache.sys,-102; C:\Windows\System32\drivers\di​scache.sys [2009-07-14 32256]
 R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\El​byCDIO.sys [2009-02-17 24232]
 R1 RDPREFMP;@%systemroot%\system3​2\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rd​prefmp.sys [2009-07-14 7168]
 R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ss​mdrv.sys [2009-07-15 28520]
 R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wf​plwf.sys [2009-07-14 9728]
 R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\av​gntflt.sys [2009-12-10 56816]
 R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
 R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\md​mxsdk.sys [2007-12-14 12672]
 R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\ri​mmptsk.sys [2007-08-08 45568]
 R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\ri​msptsk.sys [2007-07-30 43008]
 R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\ri​xdptsk.sys [2007-07-30 38400]
 R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xa​udio.sys [2007-12-14 8704]
 R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\13​94ohci.sys [2009-07-14 163328]
 R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b5​7nd60x.sys [2009-07-13 229888]
 R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\Cm​Batt.sys [2009-07-14 14080]
 R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\Co​mpositeBus.sys [2009-07-14 31232]
 R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DK​bFltr.sys [2007-12-14 21264]
 R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GE​ARAspiWDM.sys [2009-05-18 26600]
 R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\Hd​Audio.sys [2009-07-14 304128]
 R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HS​X_DPV.sys [2007-12-14 984064]
 R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HS​XHWAZL.sys [2007-12-14 208384]
 R3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\ne​tw5v32.sys [2009-07-13 4231168]
 R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NT​IDrvr.sys [2007-12-21 6144]
 R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nv​lddmkm.sys [2009-08-06 9824000]
 R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\Ag​ileVpn.sys [2009-07-14 49152]
 R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sd​bus.sys [2009-07-14 84992]
 R3 sftfs;sftfs; \??\C:\Program Files\Microsoft Application Virtualization Client\drivers\sftfslh.sys [2009-09-23 543064]
 R3 sftplay;sftplay; \??\C:\Program Files\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [2009-09-23 190312]
 R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sf​tredirlh.sys [2009-09-23 21848]
 R3 sftvol;sftvol; \??\C:\Program Files\Microsoft Application Virtualization Client\drivers\sftvollh.sys [2009-09-23 14680]
 R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\sn​p2uvc.sys [2007-06-12 1729152]
 R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\Sy​nTP.sys [2007-12-14 192816]
 R3 VClone;VClone; C:\Windows\system32\DRIVERS\VC​lone.sys [2009-05-23 29696]
 R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HS​X_CNXT.sys [2007-12-14 660480]
 R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\wi​nbondcir.sys [2007-12-14 43008]
 R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wm​iacpi.sys [2009-07-14 11264]
 R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\Wu​dfPf.sys [2009-07-14 92672]
 S3 A310;AVerMedia A310 DVB-T; C:\Windows\system32\DRIVERS\AV​erA310USB.sys [2007-07-10 26368]
 S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\ac​pipmi.sys [2009-07-14 9728]
 S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\am​dppm.sys [2009-07-14 52736]
 S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\am​dsata.sys [2009-07-14 79952]
 S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\am​dsbs.sys [2009-07-14 159312]
 S3 AppID;@%systemroot%\system32\a​ppidsvc.dll,-102; C:\Windows\system32\drivers\ap​pid.sys [2009-07-14 50176]
 S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bx​vbdx.sys [2009-07-13 430080]
 S3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device; C:\Windows\system32\drivers\AV​erA310Cap.sys [2007-07-10 42240]
 S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder iPod Edition\SysInfo.sys [2007-09-25 15152]
 S3 drmkaud;Pilotes audio approuvés par Microsoft; C:\Windows\system32\drivers\dr​mkaud.sys [2009-07-14 5120]
 S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\ev​bdx.sys [2009-07-13 3100160]
 S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\er​rdev.sys [2009-07-14 7168]
 S3 FsDepends;@%SystemRoot%\system​32\drivers\fsdepends.sys,-1000​1; C:\Windows\System32\drivers\Fs​Depends.sys [2009-07-14 46160]
 S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fs​sfltr.sys [2009-08-05 54632]
 S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hc​w85cir.sys [2009-07-13 26624]
 S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\Hi​dBatt.sys [2009-07-14 21504]
 S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\Hp​SAMD.sys [2009-07-14 67152]
 S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RT​KVHDA.sys [2007-12-14 1950552]
 S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\ls​i_sas2.sys [2009-07-14 54864]
 S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\Me​gaSR.sys [2009-07-14 235584]
 S3 mshidkmdf;@%SystemRoot%\system​32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\ms​hidkmdf.sys [2009-07-14 4096]
 S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MS​KSSRV.sys [2009-07-14 8320]
 S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MS​PCLOCK.sys [2009-07-14 5888]
 S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MS​PQM.sys [2009-07-14 5504]
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MS​TEE.sys [2009-07-14 6144]
 S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MT​Config.sys [2009-07-14 12288]
 S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\nd​iscap.sys [2009-07-14 27136]
 S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NE​Tw4v32.sys [2007-09-26 2251776]
 S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rd​pbus.sys [2009-07-14 18944]
 S3 scfilter;@%SystemRoot%\System3​2\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\sc​filter.sys [2009-07-14 26624]
 S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\st​exstor.sys [2009-07-14 21072]
 S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\um​pass.sys [2009-07-14 8192]
 S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\us​baapl.sys [2009-08-28 40448]
 S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\us​bscan.sys [2009-07-14 35840]
 S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vh​dmp.sys [2009-07-14 159824]
 S3 VNUSB;VN Series Device; C:\Windows\system32\DRIVERS\VN​USB.sys [2006-04-07 38496]
 S3 vwifibus;@%SystemRoot%\System3​2\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vw​ifibus.sys [2009-07-14 19968]
 S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wi​mmount.sys [2009-07-14 19008]
 S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\Wi​nUsb.sys [2009-07-14 34944]
 S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WU​DFRd.sys [2009-07-14 132224]

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 ALaunchService;ALaunch Service; C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 50688]
 R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-15 108289]
 R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-22 185089]
 R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceS​ervice.exe [2009-06-05 144712]
 R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.ex​e [2008-12-12 238888]
 R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
 R2 EFS;@%SystemRoot%\system32\efs​svc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
 R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe [2007-09-10 57344]
 R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.ex​e [2009-02-27 870672]
 R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-12-14 354840]
 R2 LightScribeService;LightScribe​Service Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
 R2 MobilityService;MobilityServic​e; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
 R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-08-06 211488]
 R2 Power;@%SystemRoot%\system32\u​mpo.dll,-100; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\Reg​Srvc.exe [2009-02-27 473360]
 R2 RpcEptMapper;@%windir%\system3​2\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2007-09-28 233472]
 R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
 R2 SNMP;@%SystemRoot%\system32\sn​mp.exe,-3; C:\Windows\System32\snmp.exe [2009-07-14 47616]
 R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.​exe [2007-05-28 275968]
 R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
 R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xa​udio.exe [2007-12-14 386560]
 R3 HomeGroupProvider;@%SystemRoot​%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.ex​e [2009-07-14 20992]
 R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
 S2 gupdate1ca0556c29c4cf0;Service Google Update (gupdate1ca0556c29c4cf0); C:\Program Files\Google\Update\GoogleUpda​te.exe [2009-07-15 133104]
 S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe [2009-07-15 190448]
 S2 sppsvc;@%SystemRoot%\system32\​sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
 S3 AppIDSvc;@%systemroot%\system3​2\appidsvc.dll,-100; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 AxInstSV;@%SystemRoot%\system3​2\AxInstSV.dll,-103; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 BDESVC;@%SystemRoot%\system32\​bdesvc.dll,-100; C:\Windows\System32\svchost.ex​e [2009-07-14 20992]
 S3 bthserv;@%SystemRoot%\System32​\bthserv.dll,-101; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 defragsvc;@%SystemRoot%\system​32\defragsvc.dll,-101; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 Fax;@%systemroot%\system32\fxs​resm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
 S3 FontCache;@%systemroot%\system​32\FntCache.dll,-100; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
 S3 HomeGroupListener;@%SystemRoot​%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.ex​e [2009-07-14 20992]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\105​0\Intel 32\IDriverT.exe [2004-10-22 73728]
 S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
 S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditSer​vice.exe [2008-10-25 65888]
 S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
 S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
 S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectio​nPlatform\OSPPSVC.EXE [2009-09-26 4639136]
 S3 SensrSvc;@%SystemRoot%\System3​2\sensrsvc.dll,-1000; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 sppuinotify;@%SystemRoot%\syst​em32\sppuinotify.dll,-103; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 VaultSvc;@%SystemRoot%\system3​2\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
 S3 wbengine;@%systemroot%\system3​2\wbengine.exe,-104; C:\Windows\system32\wbengine.e​xe [2009-07-14 1202688]
 S3 WbioSrvc;@%systemroot%\system3​2\wbiosrvc.dll,-100; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]
 S3 WwanSvc;@%SystemRoot%\System32​\wwansvc.dll,-257; C:\Windows\system32\svchost.ex​e [2009-07-14 20992]

 -----------------EOF----------​-------

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 23/03/2010 à 21:13:18  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
info.txt logfile of random's system information tool 1.06 2010-03-23 21:05:05

 ======Uninstall list======

 -->C:\Program Files\DivX\DivXConverterUninst​all.exe /CONVERTER
 -->MsiExec /X{DD1865F0-AD73-40FB-B23E-182​2E02396FF}
 -->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9​FFD21E2E0}
 Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493​B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u
 Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-487​8-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
 Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467​B-AC34-183FCB5D4335}\setup.exe​" -l0x40c  -removeonly
 Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F​5-9C80-78B62E05F9BC}\setup.exe​" -l0x9  -removeonly
 Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\11\50\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6​A-AD02-38092BA63DAC}\setup.exe​" -l0x40c  -removeonly
 Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{1748​92B1-CBE7-44F5-86FF-AB555EFD73​A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
 Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Ado​be AIR Updater.exe -arp:uninstall
 Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FD​C93386723}
 Adobe Flash Player 10 Plugin-->C:\Windows\system32\M​acromed\Flash\uninstall_plugin​.exe
 Adobe Flash Player ActiveX-->C:\Windows\system32\​Macromed\Flash\uninstall_activ​eX.exe
 Adobe Shockwave Player-->C:\Windows\System32\A​dobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOC​KW~1\Install.log
 AnumanLive-->"C:\Users\Nicolas​\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanL​ive.exe" /UNINSTALL
 Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8​A33E65143}
 Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8​D1C18F4EE}
 Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F4​95BE32033}
 Architecture 3D 3.1 - Premium (Démonstration)-->"C:\Program Files\LiveCAD\Architecture 3D 3.1 - Premium (Démonstration)\unins000.exe"
 Architecture et construction 3D-->"C:\Program Files\Anuman Interactive\Architecture et construction 3D\unins000.exe"
 Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
 Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80B​DD4F68845}
 Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
 Audacity 1.3.7 (Unicode)-->"C:\Program Files\Audacity\Audacity 1.3 Beta (Unicode)\unins000.exe"
 Auto-école 3D-->"C:\Program Files\Anuman interactive\Auto-école 3D\unins000.exe"
 Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
 BattleForge™-->MsiExec.exe /X{C580908C-B3BA-4C19-BD60-16F​02F272201}
 Bing Maps 3D-->MsiExec.exe /I{2D87E961-577B-492B-AD54-136​8680FB9A7}
 Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D7​77245C35B}
 Bouygues Telecom Mes services en un clic-->msiexec /qb /x {8ED44FA5-DB47-4BF8-646C-4D559​0D0363D}
 Bouygues Telecom Mes services en un clic-->MsiExec.exe /I{8ED44FA5-DB47-4BF8-646C-4D5​590D0363D}
 Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F73​7D92F991B}
 BS Contact-->C:\Program Files\Bitmanagement Software\BS Contact\uninstall.exe
 CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
 City Life 2008-->C:\Program Files\Monte Cristo\City Life\uninst.exe
 Code de la route-->"C:\Program Files\Anuman Interactive\Code de la route\unins000.exe"
 Conseiller de mise à niveau vers Windows 7-->MsiExec.exe /I{4983AA07-81D0-4605-BF92-49A​343056DC8}
 Crayon Physics Deluxe Demo - release 52-->"C:\Program Files\Crayon Physics Deluxe Demo\unins000.exe"
 Day Bank Station-->MsiExec.exe /X{60C3E356-BF63-49E4-8626-8AC​BE58FC220}
 DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.​exe /CODEC
 DivX Converter-->C:\Program Files\DivX\DivXConverterUninst​all.exe /CONVERTER
 DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall​.exe /PLAYER
 DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninst​all.exe /DSFILTERS
 DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninst​all.exe /PLUGIN
 Documents To Go Desktop-->C:\Program Files\Documents To Go Desktop\Uninstaller.exe
 Download Manager 2.3.7-->C:\Program Files\Download Manager\uninst.exe
 DWGdirectX 2.5-->MsiExec.exe /I{98929AD0-0DE4-4BC9-B28F-C7B​352450955}
 FileZilla Client 3.3.0-->C:\Program Files\FileZilla FTP Client\uninstall.exe
 FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
 Foxit PDF IFilter-->MsiExec.exe /I{4448ABF6-786D-4C3D-A49D-7BB​237E6DD17}
 Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
 Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F​0C37541F1}
 Glary Utilities 2.20.0.831-->"C:\Program Files\Glary Utilities\unins000.exe"
 Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC4​4E68B55E2}
 Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005​056806466}
 GSiteCrawler-->C:\PROGRA~1\Sit​emap\GSITEC~1\UNWISE.EXE C:\PROGRA~1\Sitemap\GSITEC~1\I​NSTALL.LOG
 HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAU​DIO_VEN_14F1&DEV_2BFAOR2C06_11​8\UIU32m.exe -U -IAcrZUn32z.inf
 Hello Engines! Standard 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\10\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87D02B40-F778-42E​A-A957-52BF0F0689FD}\setup.exe​" -l0x9  -removeonly
 HijackThis 2.0.2-->"D:\Nicolas\Downloads\​HiJackThis\HijackThis.exe" /uninstall
 HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7A​FBF24A24A}
 IKEA Home Planner-->MsiExec.exe /I{B3276CB1-20B6-4AF9-AAEC-E72​C83816495}
 Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
 Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C​063A63F31}
 Intel® Matrix Storage Manager-->C:\Windows\system32\​imsmudlg.exe -uninstall
 iPhone Explorer 0.991-->"C:\Program Files\iPhone Explorer\unins000.exe"
 iPod Video Converter 3.90-->C:\Program Files\iPodRobot\iPod Video Converter\uninst.exe
 iTunes-->MsiExec.exe /I{F439D7AF-03F3-4F8E-AEC4-571​BFE977C61}
 James Cameron's AVATAR(tm): THE GAME (Démo)-->"C:\Program Files\InstallShield Installation Information\{1DC4E424-5D92-4C9​2-B1E1-4BE4318E7136}\setup.exe​" -runfromtemp -l0x040c -removeonly
 Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F8​3216011FF}
 Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C​48E991DE5}
 KC Softwares IDPhotoStudio-->"C:\Program Files\IDPhotoStudio\unins000.e​xe"
 KRISTAL Audio Engine-->C:\Program Files\Kreatives.org\KRISTAL Audio Engine\Uninstall.exe
 Launch Manager-->C:\Windows\UnInst32.​exe QtZgAcer.UNI
 Lexmark 4800 Series-->C:\Program Files\Lexmark 4800 Series\Install\x86\Uninst.exe
 Lexmark 6200 Series-->C:\Program Files\Lexmark 6200 Series\Install\x86\Uninst.exe
 Line 6 Uninstaller-->C:\Program Files\Line6\Tools\Line 6 Uninstaller.exe
 Logiciel Intel(R) PROSet/Wireless WiFi-->MsiExec.exe /I{F22FD942-651D-4EE8-BD6F-7E0​AF5E17625}
 Logitech Touch Mouse Server 1.0-->C:\Program Files\Logitech Touch Mouse Server\uninst.exe
 Magic Workstation 0.94f-->"C:\Program Files\Magic Workstation\unins000.exe"
 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
 MediaCoder iPod Edition-->C:\Program Files\MediaCoder iPod Edition\uninst.exe
 Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C​8A0C4D570}
 Microsoft Device Emulator version 1.0 - ENU-->MsiExec.exe /X{78B75C6D-E53C-424C-BF83-4B6​3BD4A6682}
 Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst​.exe /s:120
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-00000​00FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87​C4264C0}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-00000​00FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87​C4264C0}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-00000​00FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A5​77CB24C}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A​230AD5B}
 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A​230AD5B}
 Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-000​0000FF1CE}
 Microsoft Office Click-to-Run 2010 (Beta)-->"C:\PROGRA~1\COMMON~1​\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
 Microsoft Office Click-to-Run 2010 (Beta)-->MsiExec.exe /I{20140000-006D-040C-0000-000​0000FF1CE}
 Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-000​0000FF1CE}
 Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-000​0000FF1CE}
 Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
 Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-000​0000FF1CE}
 Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-000​0000FF1CE}
 Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C05​93F3BC7B8}
 Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-000​0000FF1CE}
 Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-000​0000FF1CE}
 Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-000​0000FF1CE}
 Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-000​0000FF1CE}
 Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-000​0000FF1CE}
 Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-000​0000FF1CE}
 Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-000​0000FF1CE}
 Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-000​0000FF1CE}
 Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-000​0000FF1CE}
 Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-000​0000FF1CE}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-00000​00FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8F​AA964C5}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-00000​00FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8F​AA964C5}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-00000​00FF1CE} /uninstall {A0516415-ED61-419A-981D-93596​DA74165}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-00000​00FF1CE} /uninstall {A0516415-ED61-419A-981D-93596​DA74165}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-00000​00FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B​7B5C045}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-00000​00FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B​7B5C045}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-00000​00FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76​BB86787}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-00000​00FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76​BB86787}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-00000​00FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F​6B30EBB}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-00000​00FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F​6B30EBB}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-00000​00FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D2903​83A10D9}
 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-00000​00FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D2903​83A10D9}
 Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-000​0000FF1CE}
 Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-000​0000FF1CE}
 Microsoft Office Ultimate 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ULTIMATER /dll OSETUP.DLL
 Microsoft Office Ultimate 2007-->MsiExec.exe /X{91120000-002E-0000-0000-000​0000FF1CE}
 Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-000​0000FF1CE}
 Microsoft Outlook Hotmail Connector 32 bits (Beta)-->MsiExec.exe /X{25140000-0048-040C-0000-000​0000FF1CE}
 Microsoft Photo Premium 10-->"C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM
 Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5​A4BB71E00}
 Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3​DD01FD0B8}
 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C8​3EC895118}
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-181​8da5d550d}
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0​f04e2912c}
 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7​D6DBC735C}
 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E​6EC160475}
 Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFD​EBA76AD9C}
 Microsoft WorldWide Telescope-->MsiExec.exe /I{E7A9DCC5-8D19-4B95-BED8-2DB​41F920F11}
 Mise à jour Microsoft Office Excel 2007 Help  (KB963678)-->msiexec /package {90120000-0016-040C-0000-00000​00FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE7​8AC8F2C}
 Mise à jour Microsoft Office Excel 2007 Help  (KB963678)-->msiexec /package {90120000-0016-040C-0000-00000​00FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE7​8AC8F2C}
 Mise à jour Microsoft Office Outlook 2007 Help  (KB963677)-->msiexec /package {90120000-001A-040C-0000-00000​00FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B​904FE21}
 Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)-->msiexec /package {90120000-0018-040C-0000-00000​00FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C342​9F351C3}
 Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)-->msiexec /package {90120000-0018-040C-0000-00000​00FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C342​9F351C3}
 Mise à jour Microsoft Office Word 2007 Help  (KB963665)-->msiexec /package {90120000-001B-040C-0000-00000​00FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284​590C223}
 Mise à jour Microsoft Office Word 2007 Help  (KB963665)-->msiexec /package {90120000-001B-040C-0000-00000​00FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284​590C223}
 MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12​CBB1D0AE8}
 Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET​\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
 MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5​E3257BD94}
 MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAF​C6BCFF99F}
 MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-696​9D703A9EF}
 MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3D​E528246EF}
 MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5​DCDC52A71}
 MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C1​1F044BDEC}
 MTG Cropped Card Pics (up to Eventide)-->"C:\Program Files\Magic Workstation\Pics\unins000.exe"
 MTG GamePack for Magic Workstation-->"C:\Program Files\Magic Workstation\unins001.exe"
 NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-408​9-8825-55DE4B366799}\setup.exe​" -removeonly
 NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON​~1\INSTAL~1\Driver\7\INTEL3~1\​IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE7​48FA44EC2} /l1036 CDM7
 NVIDIA Drivers-->C:\Windows\system32\​nvuninst.exe UninstallGUI
 NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-182​2E02396FF}
 Nvu 1.0PR-->"C:\Program Files\Nvu\unins000.exe"
 Olympus Digital Wave Player-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{FB91E774-867B-456​7-ACE7-8144EF036068}\Setup.exe​" -l0x40c
 OpenOffice.org 3.1-->MsiExec.exe /I{B2E581DB-C4DD-432C-AC84-ED7​61AC056BC}
 OpenSong Version 1.3.0-->"C:\Program Files\OpenSong\unins000.exe"
 Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
 Outil de téléchargement Windows Live SkyDrive-->MsiExec.exe /I{2FD177C0-A752-11DC-8314-080​0200C9A66}
 Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A0​93F35A238}
 PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
 PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
 Picthema-->"C:\Program Files\Picthema\unins000.exe"
 plist Editor for Windows 1.0.0-->C:\Program Files\iPodRobot\plist Editor for Windows\uninst.exe
 PowerProducer 3.72-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D​6-97FD-0050BACBF861}\Setup.exe​"  -uninstall
 PrintMaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{8DD144C1-5EAD-4D5​5-80A1-ACAF893A4FFE}\setup.exe​" anything
 Qtpfsgui 1.9.3-->"C:\Program Files\Qtpfsgui\unins000.exe"
 QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B36​3A17588A2}
 RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A​3-948C-8A155460CC2A}\Setup.exe​" -l0x40c anything
 RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
 Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F​38FAFEE90}
 Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DE​AF3DD08}
 Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DE​AF3DD08}
 Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672​D68A9BF}
 Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672​D68A9BF}
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D​1003E86}
 Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D​1003E86}
 Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE4​5CB03C0}
 Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED​296CB4D}
 Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED​296CB4D}
 Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFB​F61BC4E}
 Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B7​03B84FF}
 Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B7​03B84FF}
 Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB​6F0FB6C}
 Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB​6F0FB6C}
 Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F​21FEDDC}
 Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F​21FEDDC}
 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8C​AC8224D}
 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8C​AC8224D}
 Shockwave-->C:\Windows\System3​2\Macromed\SHOCKW~2\UNWISE.EXE C:\Windows\System32\Macromed\S​HOCKW~2\INSTALL.LOG
 Sierra Print Artist 6.0-->C:\Windows\IsUn040c.exe -fC:\SIERRA\PA6\Uninst.isu -c"C:\SIERRA\PA6\PASTP.DLL"
 SimpleOCR 3.1-->C:\PROGRA~1\SIMPLE~1\UNW​ISE.EXE C:\PROGRA~1\SIMPLE~1\INSTALL.L​OG
 Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC​93E08BF3D}
 Switcher 2.0.0-->MsiExec.exe /X{F7DB6677-661D-4835-AAD8-1B7​F4C98D7CE}
 Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL​.dll",standAloneUninstall
 System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Un​install.exe
 The Endless Forest-->"C:\Program Files\Tale of Tales\The Endless Forest 3\unins000.exe"
 TSP_CODEC-->C:\Program Files\Bytescribe\TSP_CODEC\Uni​nst.exe /pid:{A90C03D6-08E1-4C59-B93B-​6919A6C0AC19} /asd
 Unity Web Player-->C:\Program Files\Unity\WebPlayer\Uninstal​l.exe
 Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAA​A68E92D}
 Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAA​A68E92D}
 Update for 2007 Microsoft Office System (KB977724)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {CC0E469C-5006-48B9-BBDC-D11B5​62499B4}
 Update for 2007 Microsoft Office System (KB977724)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {CC0E469C-5006-48B9-BBDC-D11B5​62499B4}
 Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219​365DFF7}
 Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219​365DFF7}
 Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40​C635331}
 Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-00000​00FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40​C635331}
 Update for Outlook 2007 Junk Email Filter (kb979895)-->msiexec /package {91120000-002E-0000-0000-00000​00FF1CE} /uninstall {D45674C6-9127-4C84-8826-93FBC​552DF53}
 Utilitaire de configuration iPhone-->MsiExec.exe /I{ECD59AE2-BEF4-4225-B0E9-3A8​1B5328D35}
 Utilitaire de téléchargement Metaboli pour NeverWinter Nights 2 (remove only)-->C:\Program Files\Metaboli Downloader\Metaboli DLM(377802)\Uninstall.exe
 VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4​595DD148B}
 VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.e​xe
 VirtualCloneDrive-->"C:\Progra​m Files\VirtualCloneDrive\vcd-un​inst.exe" /D="C:\Program Files\VirtualCloneDrive"
 Web Acappella-->"C:\Program Files\Intuisphere\Web Acappella\unins000.exe"
 Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-370​01CCBBA5D}
 Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD​3A3F9DF41}
 Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189​800823F52}
 Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-799​8F2B92CFC}
 Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-507​9296B43BA}
 Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E90​5E91AC818}
 Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8​525FFA3B1}
 Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BB​FE303C354}
 Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8​168661FEA}
 Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867​DC9D0A2A4}

 ======System event log======

 Computer Name: PC-de-Nicolas
 Event Code: 7026
 Message: Le pilote de démarrage système ou d’amorçage suivant n’a pas pu se charger :
 sptd
 Record Number: 157733
 Source Name: Service Control Manager
 Time Written: 20091031202850.332240-000
 Event Type: Erreur
 User:

 Computer Name: PC-de-Nicolas
 Event Code: 4
 Message: Broadcom NetLink (TM) Gigabit Ethernet : le lien réseau est hors service. Vérifiez que le câble réseau est connecté correctement.
 Record Number: 157658
 Source Name: b57nd60x
 Time Written: 20091031202820.953234-000
 Event Type: Avertissement
 User:

 Computer Name: PC-de-Nicolas
 Event Code: 4
 Message: Le pilote a détecté une erreur interne dans ses structures de données pour .
 Record Number: 157651
 Source Name: sptd
 Time Written: 20091031202804.401605-000
 Event Type: Erreur
 User:

 Computer Name: PC-de-Nicolas
 Event Code: 4001
 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

 Record Number: 157645
 Source Name: Microsoft-Windows-WLAN-AutoCon​fig
 Time Written: 20091031152103.302988-000
 Event Type: Avertissement
 User: AUTORITE NT\Système

 Computer Name: PC-de-Nicolas
 Event Code: 10002
 Message: Le module d’extensibilité WLAN s’est arrêté.

 Chemin d’accès du module : C:\Windows\System32\IWMSSvc.dl​l

 Record Number: 157644
 Source Name: Microsoft-Windows-WLAN-AutoCon​fig
 Time Written: 20091031152103.209388-000
 Event Type: Avertissement
 User: AUTORITE NT\Système

 =====Application event log=====

 Computer Name: PC-de-Nicolas
 Event Code: 1530
 Message:
 Record Number: 14738
 Source Name: Microsoft-Windows-User Profiles Service
 Time Written: 20081107005819.000000-000
 Event Type: Avertissement
 User: AUTORITE NT\Système

 Computer Name: PC-de-Nicolas
 Event Code: 1530
 Message:
 Record Number: 14461
 Source Name: Microsoft-Windows-User Profiles Service
 Time Written: 20081105030049.000000-000
 Event Type: Avertissement
 User: AUTORITE NT\Système

 Computer Name: PC-de-Nicolas
 Event Code: 1530
 Message:
 Record Number: 14460
 Source Name: Microsoft-Windows-User Profiles Service
 Time Written: 20081105030049.000000-000
 Event Type: Avertissement
 User: AUTORITE NT\Système

 Computer Name: PC-de-Nicolas
 Event Code: 1530
 Message:
 Record Number: 14380
 Source Name: Microsoft-Windows-User Profiles Service
 Time Written: 20081104010004.000000-000
 Event Type: Avertissement
 User: AUTORITE NT\Système

 Computer Name: PC-de-Nicolas
 Event Code: 1530
 Message:
 Record Number: 14379
 Source Name: Microsoft-Windows-User Profiles Service
 Time Written: 20081104010003.000000-000
 Event Type: Avertissement
 User: AUTORITE NT\Système

 =====Security event log=====

 Computer Name: PC-de-Nicolas
 Event Code: 4648
 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

 Sujet :
  ID de sécurité :  S-1-5-18
  Nom du compte :  PC-DE-NICOLAS$
  Domaine du compte :  WORKGROUP
  ID d’ouverture de session :  0x3e7
  GUID d’ouverture de session :  {00000000-0000-0000-0000-00000​0000000}

 Compte dont les informations d’identification ont été utilisées :
  Nom du compte :  SYSTEM
  Domaine du compte :  AUTORITE NT
  GUID d’ouverture de session :  {00000000-0000-0000-0000-00000​0000000}

 Serveur cible :
  Nom du serveur cible : localhost
  Informations supplémentaires : localhost

 Informations sur le processus :
  ID du processus :  0x2dc
  Nom du processus :  C:\Windows\System32\services.e​xe

 Informations sur le réseau :
  Adresse du réseau : -
  Port :   -

 Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
 Record Number: 42623
 Source Name: Microsoft-Windows-Security-Aud​iting
 Time Written: 20090902145917.785000-000
 Event Type: Succès de l’audit
 User:

 Computer Name: PC-de-Nicolas
 Event Code: 4672
 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

 Sujet :
  ID de sécurité :  S-1-5-18
  Nom du compte :  SYSTEM
  Domaine du compte :  AUTORITE NT
  ID d’ouverture de session :  0x3e7

 Privilèges :  SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
 Record Number: 42622
 Source Name: Microsoft-Windows-Security-Aud​iting
 Time Written: 20090902145906.285000-000
 Event Type: Succès de l’audit
 User:

 Computer Name: PC-de-Nicolas
 Event Code: 4624
 Message: L’ouverture de session d’un compte s’est correctement déroulée.

 Sujet :
  ID de sécurité :  S-1-5-18
  Nom du compte :  PC-DE-NICOLAS$
  Domaine du compte :  WORKGROUP
  ID d’ouverture de session :  0x3e7

 Type d’ouverture de session :   5

 Nouvelle ouverture de session :
  ID de sécurité :  S-1-5-18
  Nom du compte :  SYSTEM
  Domaine du compte :  AUTORITE NT
  ID d’ouverture de session :  0x3e7
  GUID d’ouverture de session :  {00000000-0000-0000-0000-00000​0000000}

 Informations sur le processus :
  ID du processus :  0x2dc
  Nom du processus :  C:\Windows\System32\services.e​xe

 Informations sur le réseau :
  Nom de la station de travail :  
  Adresse du réseau source : -
  Port source :  -

 Informations détaillées sur l’authentification :
  Processus d’ouverture de session :  Advapi  
  Package d’authentification : Negotiate
  Services en transit : -
  Nom du package (NTLM uniquement) : -
  Longueur de la clé :  0

 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

 Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

 Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

 Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

 Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

 Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
  - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
  - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
  - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
  - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
 Record Number: 42621
 Source Name: Microsoft-Windows-Security-Aud​iting
 Time Written: 20090902145906.285000-000
 Event Type: Succès de l’audit
 User:

 Computer Name: PC-de-Nicolas
 Event Code: 4648
 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

 Sujet :
  ID de sécurité :  S-1-5-18
  Nom du compte :  PC-DE-NICOLAS$
  Domaine du compte :  WORKGROUP
  ID d’ouverture de session :  0x3e7
  GUID d’ouverture de session :  {00000000-0000-0000-0000-00000​0000000}

 Compte dont les informations d’identification ont été utilisées :
  Nom du compte :  SYSTEM
  Domaine du compte :  AUTORITE NT
  GUID d’ouverture de session :  {00000000-0000-0000-0000-00000​0000000}

 Serveur cible :
  Nom du serveur cible : localhost
  Informations supplémentaires : localhost

 Informations sur le processus :
  ID du processus :  0x2dc
  Nom du processus :  C:\Windows\System32\services.e​xe

 Informations sur le réseau :
  Adresse du réseau : -
  Port :   -

 Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
 Record Number: 42620
 Source Name: Microsoft-Windows-Security-Aud​iting
 Time Written: 20090902145906.285000-000
 Event Type: Succès de l’audit
 User:

 Computer Name: PC-de-Nicolas
 Event Code: 4672
 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

 Sujet :
  ID de sécurité :  S-1-5-18
  Nom du compte :  SYSTEM
  Domaine du compte :  AUTORITE NT
  ID d’ouverture de session :  0x3e7

 Privilèges :  SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
 Record Number: 42619
 Source Name: Microsoft-Windows-Security-Aud​iting
 Time Written: 20090902145817.846000-000
 Event Type: Succès de l’audit
 User:

 ======Environment variables======

 "ComSpec"=%SystemRoot%\system3​2\cmd.exe
 "FP_NO_HOST_CHECK"=NO
 "OS"=Windows_NT
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;​.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.​MSC
 "PROCESSOR_ARCHITECTURE"=x86
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP
 "USERNAME"=SYSTEM
 "windir"=%SystemRoot%
 "PSModulePath"=%SystemRoot%\sy​stem32\WindowsPowerShell\v1.0\​Modules\
 "NUMBER_OF_PROCESSORS"=2
 "PROCESSOR_LEVEL"=6
 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
 "PROCESSOR_REVISION"=1706
 "Path"=%CommonProgramFiles%\Mi​crosoft Shared\Windows Live;%SystemRoot%\system32;%Sy​stemRoot%;%SystemRoot%\System3​2\Wbem;C:\Program Files\Intel\WiFi\bin\;C:\Progr​am Files\Common Files\DivX Shared\;%SYSTEMROOT%\System32\​WindowsPowerShell\v1.0\;C:\Pro​gram Files\QuickTime\QTSystem\
 "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava​.zip
 "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava​.zip

 -----------------EOF----------​-------

  1. Posté le 23/03/2010 à 23:50:01  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
On voit que avez un problème avec le logiciel Daemond Tools. Probablement relier au Q:\.

 Désinstallaer le logiciel.

 Donc quel icone du panneau de configuration n'ouvre pas et quel est le message précis ?

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 24/03/2010 à 22:26:07  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Daemon Tools n'est plus sur le PC, il y a Alcoohol 52% mais aucun lecteur virtuel.
 Comment faire ?

 Dans le panneau de configuration, il n'y a aucun message, juste un retour sur le bureau, avec un clignotement de l'écran, et les icones de la zone de notification qui disparaissent, et se relancent les uns à la suite des autres. Par exemple quand j'essaye d'ouvrir le par-feu.

  1. Posté le 25/03/2010 à 01:15:08  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Je ne connais pas ce logiciel désoler!

 Pour en revenir à l'infection faire ceci:



 1. Télécharger Kaspersky tdsskiller

 http://support.kaspersky.com/d [...] killer.zip

 Le décompresser dans un nouveau dossier sur votre disque dur ou sur le bureau. Cliquer-droit - "Extraire ici". Supprimer TDSSKiller.zip.
 Fermer tout et désactiver antivirus et tout autre programme de protection. Renommer TDSSKiller.exe en ordi.com puis lancer le programme et patienter jusqu'à la fin de l'analyse.
 Lorsque terminé, le programme va vous demander d'écrire le mot Delete et "Y" pour redémarrer pour finir la désinfection et il va se désactive lui-même.
 Le rapport généré est sauvegardé à la racine de la partition système (normalement C:\). Le nom du log est X:\TDSSKiller.version_JJ.MM.AA​AA_HH.MN.SS_log.txt.

 Si tout va bien, continuer en #4.

 2. Télécharger le démo de 30 jours de Hitman Pro

 http://www.surfright.nl/en/hitmanpro

 qui est pleinement fonctionnel et scanner votre machine. Redémarrer si demandé. Prendre la version 32 ou 64 bits selon votre Windows.

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 25/03/2010 à 22:42:22  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai le message suivant avec tdsskiler

 http://img683.imageshack.us/im​g683/7051/capturexf.jpg

 Hitman pro n'a rien trouvé.

  1. Posté le 25/03/2010 à 23:59:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
C'est correct.

 Faire ceci maintenant:

 Scanner avec le scan en ligne de ESET et me mettre le log ici:


 http://www.eset-nod32.fr/scanner.html

 Log ici: C:\Program Files\EsetOnlineScanner\log.tx​t

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 27/03/2010 à 23:34:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ESETSmartInstaller@High as downloader log:
 all ok
 esets_scanner_update returned -1 esets_gle=0
 # version=7
 # OnlineScannerApp.exe=1.0.0.1
 # OnlineScanner.ocx=1.0.0.6211
 # api_version=3.0.2
 # EOSSerial=62aa9f080f2dd54b9dd4​768a72437651
 # end=finished
 # remove_checked=true
 # archives_checked=false
 # unwanted_checked=true
 # unsafe_checked=false
 # antistealth_checked=true
 # utc_time=2010-03-27 10:32:57
 # local_time=2010-03-27 11:32:57 (+0100, Paris, Madrid)
 # country="France"
 # lang=1036
 # osver=6.1.7600 NT
 # compatibility_mode=512 16777215 100 0 358077 358077 0 0
 # compatibility_mode=1797 16775165 100 100 38824 65793086 6498 0
 # compatibility_mode=5893 16776638 100 85 22168398 22168398 0 0
 # compatibility_mode=8192 67108863 100 0 3663 3663 0 0
 # scanned=0
 # found=0
 # cleaned=0
 # scan_time=0

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 01/04/2010 à 17:41:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 Pas de solution ?

  1. Posté le 02/04/2010 à 01:16:31  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
En mode sans échec cela fonctionne ?

nikoleo
Bébé forumeur (De 10 à 49 messages postés)
  1. Posté le 12/05/2010 à 16:34:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour,

 Une mise à jour de windows 7 semble avoir résolut le problème. Merci de votre aide.

 Page :
1

Aller à :
 

Sujets relatifs
Infecté par Adware Gibmedia et Ecobar [résolu] PC instable et erreur de script
pubs qui s'ouvrent quand je suis sur internet [résolu] PC tres lent au demarrage (sur le bureau) =>RESOLU
fenêtres de pub intenpestives [resolu] disque dur infecté par un virus
trojan sur mon PC, configuration= vista pc infecté par svcsys.exe, icone disque dure disparu
[résolu]Leosrv : encore un imbécile tombé dans le panneau!!! [résolu]trojan dans win32 album photo 2007
Plus de sujets relatifs à : [résolu] Panneau de configuration instable + Disque dure

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Infection Bagle 10
PC devenu lent [résolu] 22
cheval de troie repéré, pub intempestives, moteur de recherc 3
virus protector 41
problèmes search setting 1.2 9