centre sécurité windows

Bonjour :

N'ayant plus d'antivirus je voulais remttre le centre de protection de windows mais....





Que faire ?

MERCI

Bonjour,

Pourquoi avoir désinstallé ton antivirus ?

Télécharge HiJackThis de Merijn sur ton bureau.

- Double-clic sur HijackThis.
- Génère un rapport en suivant ces indications :
- Exécute le et clique sur Do a scan and save log file.
- Le rapport s'ouvre sur le Bloc-Note.

- Colle le rapport ici, pour cela :
- Menu Edition / Selectionner Tout
- Menu Edition / copier
- Ici dans un nouveau message : clic droit / coller

Aide : N'hésite pas à consulter l'aide HiJackThis.


Cordialement.

Merci

J'ai supprimer mon antivirus car l'abonnement etait terminé...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:01, on 22/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\axcmd.exe" /automount
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)" -"http://www.funlabo.com/billard/billard-3d.htm"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetecti(...)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2B218E3-51B5-434A-8775-34E10D41BD45}: NameServer = 192.168.1.1
O23 - Service: Anyplace Control Security - Unknown owner - C:\Windows\svcadmin.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 5984 bytes

Bonsoir,

1) La désinstallation de Norton est incomplète.
Télécharge le Norton Removal Tool et sauvegarde-le sur ton bureau.

- Clique deux fois sur l'icône Norton Removal Tool.
- Suis les instructions. L'ordinateur pourra être redémarré plusieurs fois et tu seras peut-être invité à répéter certaines étapes.


2) Télécharge OTViewIt de OldTimer sur ton bureau.

- Ferme toutes les fenêtres et applications.
- Double clique sur OTViewIt.exe pour le lancer.
- Dans la liste déroulante "File Age" choisis : 30 days (ou selon votre choix)
- Clique sur le bouton "Run Scan".
- Patiente quelques minutes.
- le bloc note va s'ouvrir, poste les deux rapports obtenus dans ta prochaine réponse.


Cordialement.

Bonjour & encore MERCI

Pour ce qui est de norton, j'avais deja utilisé ce logiciel...

Sinon les rapports :

OTViewIt logfile created on: 23/04/2009 17:34:54 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Mathieu\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,32% Memory free
4,00 Gb Paging File | 3,35 Gb Available in Paging File | 83,72% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 39,46 Gb Free Space | 56,56% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 64,67 Gb Free Space | 93,03% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-FAMILLE
Current User Name: Mathieu
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/01/19 09:33:37 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2008/01/19 09:33:14 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2008/01/22 22:38:19 | 00,643,072 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
[2008/01/19 09:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2008/01/22 22:38:19 | 00,643,072 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
[2008/01/19 09:33:08 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2008/01/19 09:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/06/20 10:56:16 | 04,493,312 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2007/03/11 21:34:40 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
[2008/08/20 10:54:08 | 00,150,016 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
[2009/03/09 06:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/07/17 12:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
[2009/03/26 14:19:59 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[2008/06/15 12:24:16 | 00,104,960 | ---- | M] () -- C:\Windows\svcadmin.exe
[2008/01/19 09:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
[2007/01/17 11:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2008/01/19 09:33:32 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/05/28 18:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\StarWind\StarWindServiceAE.exe
[2008/05/27 07:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2007/07/03 11:40:10 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
[2009/03/18 10:08:41 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[2008/01/19 09:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
[2008/01/19 09:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
[2009/03/03 04:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2008/01/19 09:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2008/01/19 09:33:33 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
[2009/03/03 04:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2007/07/17 12:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
[2009/03/03 06:40:22 | 00,636,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/01/19 09:33:33 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
[2009/04/23 13:16:15 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Mathieu\Desktop\OTViewIt.exe
[2008/05/27 07:18:16 | 00,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2008/05/27 07:17:55 | 00,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe

========== (O23) Win32 Services ==========

[2008/06/15 12:24:16 | 00,104,960 | ---- | M] () -- C:\Windows\svcadmin.exe -- (Anyplace Control Security [Auto | Running])
[2008/07/27 20:03:11 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/01/22 22:38:19 | 00,643,072 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
File not found -- -- (CertPropSvc [Unknown | Stopped])
[2008/07/27 20:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2008/01/19 09:33:06 | 02,091,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2008/01/19 09:34:06 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Running])
[2008/01/19 09:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2007/07/03 11:40:10 | 00,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
[2008/06/20 03:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
File not found -- -- (LightScribeService [Auto | Running])
[2009/03/17 22:57:03 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2008/06/20 03:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
File not found -- -- (ose [On_Demand | Stopped])
File not found -- -- (Planificateur LiveUpdate automatique [Auto | Stopped])
[2008/01/19 09:36:19 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- -- (Schedule [Unknown | Running])
File not found -- -- (SCPolicySvc [Unknown | Stopped])
[2008/01/19 09:33:22 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 11:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
File not found -- -- (StarWindServiceAE [Auto | Running])
[2008/01/19 09:33:33 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
File not found -- -- (usnjsvc [On_Demand | Stopped])
[2008/01/19 09:33:33 | 00,382,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
File not found -- -- (WdiServiceHost [Unknown | Stopped])
File not found -- -- (WdiSystemHost [Unknown | Stopped])
[2008/05/27 07:18:43 | 00,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])

========== Driver Services ==========

[2006/11/02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2006/11/02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2006/11/02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2006/11/02 11:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2006/11/02 11:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
[2008/01/22 23:39:48 | 03,482,112 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag [On_Demand | Running])
[2008/01/31 20:15:36 | 00,278,984 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt [Auto | Running])
[2008/01/19 07:28:26 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2006/11/02 10:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2007/01/09 12:35:44 | 00,091,776 | ---- | M] (USB Generic Camera) -- C:\Windows\System32\drivers\cam1210.sys -- (CAM1210 [On_Demand | Stopped])
[2006/11/02 10:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])
[2008/01/19 09:42:58 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [Unknown | Running])
[2006/11/02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2006/11/02 11:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2008/01/19 07:28:20 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2008/01/19 07:49:12 | 00,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4.sys -- (Dot4 [On_Demand | Stopped])
[2008/01/19 07:49:09 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4Prt.sys -- (Dot4Print [On_Demand | Stopped])
[2008/01/19 07:49:10 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dot4usb.sys -- (dot4usb [On_Demand | Stopped])
[2008/08/02 03:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2006/11/02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2008/01/19 09:42:11 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2006/11/02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2003/03/02 18:44:26 | 00,007,552 | ---- | M] () -- C:\Windows\System32\drivers\enodpl.sys -- (enodpl [Auto | Running])
[2008/01/19 07:28:01 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])
[2008/01/19 09:42:31 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2008/01/19 07:30:23 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2006/11/02 11:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2006/11/02 09:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])
[2008/01/19 06:30:49 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 10:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 10:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2008/08/30 17:14:12 | 00,137,344 | ---- | M] () -- C:\Windows\System32\drivers\hwpsgt.sys -- (hwpsgt [Auto | Running])
[2006/11/02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])
[2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
[2006/12/07 19:12:02 | 00,076,584 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
[2007/06/22 11:34:12 | 01,788,056 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
[2006/11/02 10:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2008/01/19 09:42:35 | 00,181,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2006/11/02 10:51:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Stopped])
[2008/08/30 17:14:07 | 00,009,472 | ---- | M] () -- C:\Windows\System32\drivers\lemsgt.sys -- (lemsgt [Auto | Running])
[2008/01/31 20:15:35 | 00,025,416 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt [Auto | Running])
[2008/03/04 13:56:11 | 00,137,344 | ---- | M] () -- C:\Windows\System32\drivers\litsgt.sys -- (litsgt [Auto | Running])
[2008/01/19 07:55:03 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2006/11/02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2006/11/02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2008/01/19 07:30:36 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2006/11/02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2008/01/19 07:52:19 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2006/11/02 11:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2008/01/19 07:54:46 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/03/07 18:43:40 | 00,111,872 | ---- | M] (Mars Semiconductor Corp.) -- C:\Windows\System32\drivers\mr97310v.sys -- (MR97310_VGA_DUAL_CAMERA [On_Demand | Running])
[2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2008/08/27 03:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2008/01/19 07:28:37 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2006/11/02 11:49:44 | 00,023,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])
[2006/11/02 11:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2008/01/19 09:41:14 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2008/01/19 09:42:29 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2008/05/20 04:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Stopped])
[2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2008/01/19 07:55:50 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2007/07/10 15:36:42 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
[2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2006/11/02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2006/11/02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2006/11/02 11:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
[2006/11/02 11:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2008/04/05 03:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2006/11/02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
[2008/01/19 07:56:07 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2008/01/19 07:56:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])
[2008/01/19 08:01:09 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2008/01/19 07:55:03 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2006/11/02 11:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2006/11/02 08:37:21 | 00,020,480 | ---- | M] () -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Stopped])
[2008/01/19 07:49:16 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2007/10/31 22:25:36 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])
[2007/10/31 22:25:36 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2007/10/31 22:25:36 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2007/06/05 13:08:56 | 00,454,520 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\drivers\SISGRKMD.sys -- (SiS6350 [On_Demand | Stopped])
[2007/01/24 11:08:06 | 00,056,184 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\drivers\SISAGPX.SYS -- (SISAGP [Boot | Running])
[2007/01/22 10:09:08 | 00,046,592 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH [On_Demand | Running])
[2006/11/02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2006/11/02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2008/01/19 07:55:27 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2008/01/19 09:41:30 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2008/01/12 20:48:29 | 00,715,248 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys -- (sptd [Boot | Running])
[2008/01/19 07:29:15 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2008/01/19 07:29:12 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2003/04/19 01:32:04 | 00,004,736 | ---- | M] () -- C:\Windows\System32\drivers\tandpl.sys -- (tandpl [Auto | Running])
[2008/03/04 13:56:11 | 00,012,032 | ---- | M] () -- C:\Windows\System32\drivers\tansgt.sys -- (tansgt [Auto | Running])
[2008/01/19 07:56:07 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2008/01/19 07:55:58 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2008/03/04 13:53:04 | 00,048,928 | ---- | M] () -- C:\Windows\System32\drivers\Tetris.sys -- (Tetris [On_Demand | Running])
[2008/01/19 08:01:15 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2008/01/19 07:55:41 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2008/01/19 07:55:50 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])
[2006/11/02 11:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [Boot | Running])
[2006/11/02 11:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2006/11/02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2006/11/02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2008/01/19 07:53:40 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2006/11/02 10:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])
[2006/11/02 10:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2006/11/02 10:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2006/11/02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2008/01/19 09:42:18 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2008/01/19 09:43:03 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2006/11/02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 10:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2006/11/02 11:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2008/01/19 09:43:27 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2006/11/02 10:35:03 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [Disabled | Stopped])
[2008/01/19 07:56:49 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.google.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Local Page"=C:\Windows\system32\blank.htm
"Search Page"=http://home.microsoft.com/access/allinone.asp
"Start Page"=http://www.neufportail.fr/
"StartPageCache"=

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (248049 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
::1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 www.139mm.com
127.0.0.1 139mm.com
127.0.0.1 www.163ns.com
127.0.0.1 163ns.com
8643 more lines...

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Programmes\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
{3049C3E9-B461-4BC5-8870-4C09146192CA} (HKLM) -- C:\Programmes\Real\RealPlayer\rpbrowserrecordplugin.dll File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Programmes\Java\jre6\bin\jp2ssv.dll File not found

========== (O3) Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe File not found
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe File not found
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime File not found
"RtHDVCpl"=RtHDVCpl.exe (Realtek Semiconductor)
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" File not found
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" File not found
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot File not found
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\axcmd.exe" /automount File not found
"ehTray.exe"=C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background File not found
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe File not found

========== (O4) RunOnce Keys ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)" -"http://www.funlabo.com/billard/billard-3d.htm" (Adobe Systems, Inc.)

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=2
"ConsentPromptBehaviorUser"=1
"EnableInstallerDetection"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
"NoSaveSettings"=0

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
E&xporter vers Microsoft Excel: C:\Programmes\Microsoft Office\OFFICE11\EXCEL.EXE File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Button: Recherche -- %SystemDrive%\Programmes\Microsoft Office\OFFICE11\REFIEBAR.DLL File not found

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
40 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{67DABFBF-D0AB-41FA-9C46-CC0F21721616}: http://download.divx.com/player/DivXBrowserPlugin.cab -- DivXBrowserPlugin Object
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}: http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetecti(...) -- Reg Error: Key does not exist or could not be opened.
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.(...) -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab -- Java Plug-in 1.6.0_13
{EDFCB7CB-942C-4822-AF14-F0B687409848}: http://www.mypix.com/fr/fr/importer/ImageUploader4.cab -- Image Uploader Control

========== (O17) DNS Name Servers ==========

{C2B218E3-51B5-434A-8775-34E10D41BD45} (Servers: 192.168.1.1 | Description: SiS191 Ethernet Controller)

========== (O19) User Style Sheets ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles]

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll
>[2008/01/19 09:33:59 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,
>[2008/01/19 09:36:42 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14623180-f0f3-11dc-abc9-001c254dd96f}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14623180-f0f3-11dc-abc9-001c254dd96f}\Shell\AutoRun\command]
""=L:\LaunchU3.exe -- File not found

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a664144-cf26-11dc-b9fa-001c254dd96f}\Shell]
""=AutoRun


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a664144-cf26-11dc-b9fa-001c254dd96f}\Shell\AutoRun\command]
""=L:\LaunchU3.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/04/23 17:32:22 | 00,000,280 | -HS- | C] () -- C:\Users\Public\Documents\desktop.ini
[2009/04/23 13:16:12 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Users\Mathieu\Desktop\OTViewIt.exe
[2009/04/23 13:16:09 | 03,063,649 | ---- | C] (Symantec Corporation) -- C:\Users\Mathieu\Desktop\Norton_Removal_Tool.exe
[2009/04/22 21:09:25 | 02,028,356 | -H-- | C] () -- C:\Users\Mathieu\AppData\Local\IconCache.db
[2009/04/22 17:03:47 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/18 14:31:47 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/18 14:31:47 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/18 14:31:45 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/18 14:31:43 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/18 14:31:42 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/18 14:31:42 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/18 14:31:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/18 14:31:42 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/18 14:31:38 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/18 14:31:38 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/18 14:31:37 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/18 14:31:36 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/18 14:31:36 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/18 14:31:36 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/18 14:31:36 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/18 14:31:36 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/18 14:31:36 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/18 14:31:36 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/18 14:31:33 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/18 14:31:32 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/18 14:31:31 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/18 14:31:31 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/18 14:31:31 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/18 14:31:31 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/18 14:31:31 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/18 14:31:30 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/18 14:31:30 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/18 14:31:30 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/18 14:31:30 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/18 14:31:30 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/04/18 14:31:30 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/18 14:31:30 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/18 14:31:29 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/04/09 09:31:40 | 00,000,011 | ---- | C] () -- C:\AuResult.ini
[2009/04/06 12:40:57 | 00,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2009/04/06 12:40:57 | 00,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2009/03/29 15:56:32 | 00,000,503 | ---- | C] () -- C:\Users\Mathieu\Documents\Mes dossiers de partage.lnk
[2009/03/29 11:53:25 | 00,290,816 | ---- | C] (Koyote Soft - http://www.koyotesoft.com) -- C:\Windows\System32\TubeFinder.exe
[2009/03/29 11:53:23 | 00,208,500 | ---- | C] () -- C:\Windows\System32\ReyXpBasics.tlb
[2009/03/29 11:53:22 | 00,364,544 | ---- | C] () -- C:\Windows\System32\PropertyGrid.ocx
[2009/03/29 11:53:22 | 00,084,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PICCLP32.OCX
[2009/03/29 11:53:22 | 00,024,576 | ---- | C] () -- C:\Windows\System32\ControlSubX.ocx
[2009/03/29 11:53:22 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PCCLPFR.DLL
[2009/03/29 10:12:04 | 00,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2009/03/28 13:09:30 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2009/03/28 13:09:30 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2009/03/28 13:09:29 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2009/03/28 13:09:27 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2009/03/28 13:09:27 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2009/03/28 13:09:27 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2009/03/28 13:09:26 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2009/03/27 17:29:06 | 00,000,000 | ---D | C] -- C:\Users\Mathieu\AppData\Local\vdownloader
[2009/03/26 19:38:21 | 00,000,136 | -H-- | C] () -- C:\Users\Mathieu\Desktop\desktop.ini
[2009/03/26 14:20:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/03/26 14:20:01 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/03/26 14:20:01 | 00,000,000 | ---D | C] -- C:\Program Files\Real
[2009/03/26 14:19:58 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2009/03/26 14:05:01 | 00,000,000 | ---D | C] -- C:\Users\Mathieu\AppData\Roaming\Real

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/04/23 17:32:22 | 00,000,280 | -HS- | M] () -- C:\Users\Public\Documents\desktop.ini
[2009/04/23 17:31:13 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/04/23 17:31:13 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/04/23 17:31:07 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/04/23 17:31:04 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/04/23 13:30:18 | 02,028,356 | -H-- | M] () -- C:\Users\Mathieu\AppData\Local\IconCache.db
[2009/04/23 13:27:18 | 01,592,070 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/04/23 13:27:18 | 00,713,304 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/04/23 13:27:18 | 00,625,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/04/23 13:27:18 | 00,143,336 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/04/23 13:27:18 | 00,116,946 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/04/23 13:16:15 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Users\Mathieu\Desktop\OTViewIt.exe
[2009/04/23 13:16:10 | 03,063,649 | ---- | M] (Symantec Corporation) -- C:\Users\Mathieu\Desktop\Norton_Removal_Tool.exe
[2009/04/22 19:19:40 | 00,090,624 | ---- | M] () -- C:\Users\Mathieu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/22 17:30:32 | 00,028,160 | ---- | M] () -- C:\Users\Mathieu\Documents\Conduite.xls
[2009/04/16 12:48:12 | 00,000,503 | ---- | M] () -- C:\Users\Mathieu\Documents\Mes dossiers de partage.lnk
[2009/04/10 20:00:00 | 00,000,528 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Analyse système complète - Mathieu.job
[2009/04/09 09:31:40 | 00,000,011 | ---- | M] () -- C:\AuResult.ini
[2009/04/08 12:24:11 | 00,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2009/04/06 16:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2009/04/06 12:40:57 | 00,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2009/04/03 15:35:24 | 00,000,083 | ---- | M] () -- C:\Windows\wwp.INI
[2009/03/29 08:34:16 | 00,290,816 | ---- | M] (Koyote Soft - http://www.koyotesoft.com) -- C:\Windows\System32\TubeFinder.exe
[2009/03/26 19:38:34 | 00,000,136 | -H-- | M] () -- C:\Users\Mathieu\Desktop\desktop.ini
[2009/03/26 14:20:01 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
< End of report >


OTViewIt Extras logfile created on: 23/04/2009 17:34:55 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Mathieu\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 62,32% Memory free
4,00 Gb Paging File | 3,35 Gb Available in Paging File | 83,72% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 39,46 Gb Free Space | 56,56% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 64,67 Gb Free Space | 93,03% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-FAMILLE
Current User Name: Mathieu
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
"Use My Stylesheet"=
"User Stylesheet"=

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Programmes\Internet Explorer\iexplore.exe File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=0
"UacDisableNotify"=1
"InternetSettingsDisableNotify"=1
"AutoUpdateDisableNotify"=1
"AntiVirusDisableNotify"=1
"AntiVirusOverride"=1
"FirewallDisableNotify"=1
"UpdatesDisableNotify"=1
"FirewallOverride"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2025882112-483618389-2567441031-1001]
"EnableNotifications"=0
"EnableNotificationsRef"=1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications"=0
"EnableFirewall"=1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
ldap -- 4 = Restricted sites (Not a Default Protocol)
news -- 4 = Restricted sites (Not a Default Protocol)
nntp -- 4 = Restricted sites (Not a Default Protocol)
oecmd -- 4 = Restricted sites (Not a Default Protocol)
snews -- 4 = Restricted sites (Not a Default Protocol)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
File not found C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
msdaipp: [HKLM - No CLSID value]
File not found C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
File not found C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
File not found c:\Programmes\Common Files\microsoft shared\Information Retrieval\msitss.dll (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
File not found C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
File not found C:\Programmes\Common Files\microsoft shared\Web Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11 Handler])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
File not found C:\Programmes\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could not be read.]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}"=DocProc
"{04441EE4-3631-43DB-813A-9D031380C8E5}"=MarketingReg
"{05B988AF-94B9-7C59-CCE8-18145910D360}"=Catalyst Control Center Graphics Full New
"{10E1E87C-656C-4D08-86D6-5443D28583BE}"=TrayApp
"{12BBD72B-525B-AEC4-933B-2C42CECA45E9}"=ccc-utility
"{15A7B79C-7E70-8A15-38D8-E2C0A699FB88}"=Catalyst Control Center HydraVision Full
"{1753255A-0AEB-4220-8C75-607B73F0C133}"=Copy
"{22466889-7642-488d-AA0E-F619704CF7AB}"=DeviceDiscovery
"{2523A0F0-03E8-455C-B692-0E1A7CC7640A}"=Walt Disney Pictures Volt - Star Malgré lui
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java(TM) 6 Update 13
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}"=WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}"=Scan
"{32CCE6B1-F9F2-76AD-66D0-FC6DD216C880}"=Catalyst Control Center Graphics Previews Common
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}"=HP Product Assistant
"{3E31821C-7917-367E-938E-E65FC413EA31}"=Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{4229E5DA-0F3B-48E9-7C5A-0C1D088EB10D}"=CCC Help French
"{44E393CA-AEC7-2F57-0408-77D79C759390}"=Skins
"{543E938C-BDC4-4933-A612-01293996845F}"=UnloadSupport
"{58E38911-9022-6A24-0D53-6FD1280B805D}"=Catalyst Control Center Graphics Light
"{6087F45E-358C-4173-8CB1-DE0AE26FFAE1}"=Catalyst Control Center - Branding
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}"=eSupportQFolder
"{67163724-3AB4-3B48-A617-66A4923637D8}"=Catalyst Control Center Core Implementation
"{681B698F-C997-42C3-B184-B489C6CA24C9}"=HPPhotoSmartDiscLabelContent1
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}"=Microsoft Works
"{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}"=QuickTime
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}"=VC80CRTRedist - 8.0.50727.762
"{824D3839-DAA1-4315-A822-7AE3E620E528}"=VideoToolkit01
"{87E2B986-07E8-477a-93DC-AF0B6758B192}"=DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{9011040C-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}"=Worms World Party
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}"=DeviceManagementQFolder
"{ABD4FE9D-B664-2754-093B-8CECE970A6B6}"=Catalyst Control Center Localization French
"{AC76BA86-7AD7-1036-7B44-A70000000000}"=Adobe Reader 7.0 - Français
"{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}"=C4200_doccd
"{AEA07F97-9088-497c-8821-0F36BD5DC251}"=HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}"=AIO_Scan
"{B09BCBF6-87EE-4403-A336-3A9510856535}"=HP Photosmart All-In-One Software 9.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player
"{BADF6744-3787-48F6-B8C9-4C4995401D65}"=Windows Live Messenger
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}"=SolutionCenter
"{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}"=c4200_Help
"{C39E671D-0528-4c5e-A034-8470C5BC393A}"=C4200
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}"=Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}"=LightScribe 1.4.142.1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}"=Destination Component
"{D2DE0770-0E7A-5A28-A0F6-FDB4483C4252}"=Catalyst Control Center Graphics Previews Vista
"{D79113E7-274C-470B-BD46-01B10219DF6A}"=HPPhotosmartEssential
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}"=PS_AIO_Software
"{E2662C24-B31E-4349-A084-32EB76E8B760}"=BufferChm
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}"=PS_AIO_Software_min
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}"=Toolbox
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}"=Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}"=32 Bit HP CIO Components Installer
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}"=PSSWCORE
"{F9BE104A-701D-FB9F-EF91-6AD9FB134726}"=ccc-core-static
"{FD7F242B-9AA0-40c3-941E-3A9821D19C09}"=PS_AIO_ProductContext
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}"=Status
"{FE57DE70-95DE-4B64-9266-84DA811053DB}"=HP Update
"{FF52BA2B-D353-F8A1-3851-F9FCC2D68FB9}"=Catalyst Control Center Graphics Full Existing
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player"=Adobe Shockwave Player 11
"CCleaner"=CCleaner (remove only)
"eMule"=eMule
"HP Imaging Device Functions"=HP Imaging Device Functions 9.0
"HP Photosmart Essential"=HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools"=HP Solution Center 9.0
"HPOCR"=HP OCR Software 9.0
"Messenger Plus! Live"=Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra"=Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1"=Microsoft .NET Framework 3.5 SP1
"RealPlayer 6.0"=RealPlayer
"SFR_Kit"=SFR - Kit de connexion
"SFR_Media Center"=SFR - Media Center
"VLC media player"=VideoLAN VLC media player 0.8.6d
"WinRAR archiver"=WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13/03/2009 11:13:20 | Computer Name = PC-famille | Source = Windows Search Service | ID = 3013
Description =

Error - 13/03/2009 11:13:22 | Computer Name = PC-famille | Source = Windows Search Service | ID = 3013
Description =

Error - 13/03/2009 11:13:22 | Computer Name = PC-famille | Source = Windows Search Service | ID = 3013
Description =

Error - 13/03/2009 11:13:22 | Computer Name = PC-famille | Source = Windows Search Service | ID = 3013
Description =

Error - 13/03/2009 11:13:22 | Computer Name = PC-famille | Source = Windows Search Service | ID = 3013
Description =

Error - 13/03/2009 11:13:22 | Computer Name = PC-famille | Source = Windows Search Service | ID = 3013
Description =

Error - 13/03/2009 11:13:22 | Computer Name = PC-famille | Source = Windows Search Service | ID = 3013
Description =

Error - 13/03/2009 12:15:30 | Computer Name = PC-famille | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 13/03/2009 12:22:23 | Computer Name = PC-famille | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 13/03/2009 12:28:14 | Computer Name = PC-famille | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ Media Center Events ]
Error - 03/04/2008 14:57:52 | Computer Name = PC-famille | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

Error - 16/04/2008 06:43:59 | Computer Name = PC-famille | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

Error - 06/11/2008 12:41:11 | Computer Name = PC-famille | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

Error - 11/12/2008 08:34:44 | Computer Name = PC-famille | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

Error - 15/01/2009 07:24:44 | Computer Name = PC-famille | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

Error - 07/03/2009 08:14:34 | Computer Name = PC-famille | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

[ System Events ]
Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:25 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:26 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =

Error - 23/04/2009 11:36:28 | Computer Name = PC-famille | Source = Service Control Manager | ID = 7001
Description =


< End of report >






A bientot

Bonsoir,

Désactive tous tes logiciels de sécurité durant la procédure.

Télécharge OTMoveIt3 de OldTimer :

- Enregistre-le sur ton bureau
- Double-clique sur OTMoveIt3.exe pour le lancer (l'extension peut ne pas apparaître)
- Copie-colle l'entièreté de ceci ci dessous dans la partie "Paste Instructions for Items to be Moved" (en-dessous de la barre jaune) :


- Ferme tous tes programmes et clique sur le bouton rouge Moveit! pour lancer le nettoyage
- Copie-colle dans ta prochaine réponse tout ce qui se trouve dans la fenêtre Results (en vert à droite)
--> Un rapport sera généré dans le dossier C:\ _OTMoveIt\MovedFiles avec la date et l'heure du passage de l'outil (mmddyyyy_hhmmss.log)
- Ferme OTMoveIt3 (en cliquant sur Exit)

Note : Si un fichier ou un dossier ne sait être supprimé directement, l'outil peut demander un redémarrage pour terminer le processus. Clique alors sur "Yes" pour accepter...


As-tu à présent accès au centre de sécurité ?


Cordialement.

Merci

Rapport :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service\Driver Anyplace Control Security stopped successfully.
Service\Driver Anyplace Control Security deleted successfully.
Service\Driver Symantec Core LC not found.
Service\Driver Symantec Core LC not found.
Service\Driver Symantec Core LC not found.
Service\Driver Planificateur LiveUpdate automatique deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}\ not found.
========== FILES ==========
C:\Windows\svcadmin.exe moved successfully.
C:\Program Files\Common Files\Symantec Shared\CCPD-LC moved successfully.
C:\Program Files\Common Files\Symantec Shared moved successfully.
File/Folder C:\Program Files\Symantec not found.
C:\Windows\msdownld.tmp moved successfully.
========== COMMANDS ==========
File delete failed. C:\Users\Mathieu\AppData\Local\Temp\~DFB2F4.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Mathieu\AppData\Local\Temp\~DFB300.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Mathieu\AppData\Local\Temp\~DFBDB6.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Mathieu\AppData\Local\Temp\~DFC384.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Mathieu\AppData\Local\Temp\~DFDADD.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Mathieu\AppData\Local\Temp\~DFDAE2.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04232009_192938

Files moved on Reboot...
File C:\Users\Mathieu\AppData\Local\Temp\~DFB2F4.tmp not found!
File C:\Users\Mathieu\AppData\Local\Temp\~DFB300.tmp not found!
File C:\Users\Mathieu\AppData\Local\Temp\~DFBDB6.tmp not found!
File C:\Users\Mathieu\AppData\Local\Temp\~DFC384.tmp not found!
File C:\Users\Mathieu\AppData\Local\Temp\~DFDADD.tmp not found!
File C:\Users\Mathieu\AppData\Local\Temp\~DFDAE2.tmp not found!

le PC a redemarré

Toujours pas de centre de securité...

Bonsoir,

Essaie-ceci :

1) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
Dans le menu du bloc notes, clic sur "Fichier" >> Enregistrer sous.
Choisis le bureau comme lieu d'enregistrement, puis dans:

Type -> choisis "tous les fichiers"
Nom du fichier -> tape scc.bat
Clique sur enregistrer.

Sur ton bureau tu auras maintenant un fichier nommé scc.bat.


2) Double clic sur le fichier scc.bat.

- Une fenêtre noire va s'ouvrir ; Ne la ferme pas manuellement. Le système va redémarrer.

As-tu accès au centre de sécurité ?


Cordialement.

Merci

j'ai acces au centre de securité mais maintenant le pare feu windows ne veut pas s'activer...

je ne comprend pas...

Bonsoir,

Obtiens-tu un message d'erreur ?

Pour voir : Télécharge Combofix de sUBs : combofix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

- Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.


Cordialement.

Petit probleme :

je vous ecrit depuis mon autre PC...car sur l'autre il n'y a plus qu'un reseau local et plus d'acces a internet...

Pour ce qui est du pare feux c'etait le meme message que pour activer le centre de securité...

Comment resoudre les problemes maintenant ??

Bonsoir,

Le problème est-il survenu après l'utilisation de ComboFix ?

Suis cette procédure :

1. Cliquez sur le bouton Démarrer.
2. Cliquez sur l'option de menu Paramètres.
3. Cliquez sur l'option Panneau de configuration.
4. Après l'ouverture du Panneau de configuration, faites un double clic sur l'icône Connexions réseau. Si votre Panneau de configuration est paramétré pour un affichage en catégories, faites un double clic sur Connexions réseau et Internet puis cliquez sur Connexions réseau tout en bas.
5. Vous verrez alors une liste de toutes les connexions réseau disponibles. Repérez la connexion vers votre adaptateur Sans Fil ou Réseau local et faites un clic droit dessus.
6. Vous verrez alors un menu similaire à celui de l'image ci-dessous. Cliquez simplement sur l'option de menu Réparer.


7. Laissez le processus de réparation se dérouler, et lorsqu'il a terminé, votre connexion Internet devrait être de nouveau opérationnelle.

Sinon, si une icône de votre réseau apparaît aussi dans la barre des tâches Windows, vous pouvez la réparer en faisant un clic droit sur l'icône et en choisissant Réparer comme le montre l'image ci-dessous:



La connexion à Internet est-elle à nouveau fonctionnelle ?


Cordialement.

J'ai finalement fais une restau systeme ...


sinon le rapport :

ComboFix 09-04-24.01 - Mathieu 24/04/2009 17:00.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1357 [GMT 2:00]
Lancé depuis: c:\users\Mathieu\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Mathieu\AppData\Roaming\Microsoft\SystemCertificates\Request
c:\windows\system32\AutoRun.inf
c:\windows\system32\autorun.ini

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_asc3550p


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-24 au 2009-4-24 ))))))))))))))))))))))))))))))))))))
.

2009-04-23 15:32 . 2009-04-23 15:32 -------- d-----w c:\users\All Users\NortonInstaller
2009-04-23 15:32 . 2009-04-23 15:32 -------- d-----w c:\progra~2\NortonInstaller
2009-04-23 15:32 . 2009-04-23 15:32 -------- d-----r c:\users\Public\Documents
2009-04-09 07:31 . 2009-04-09 07:31 11 ----a-w C:\AuResult.ini
2009-04-06 10:40 . 2009-04-08 10:24 54156 ---ha-w c:\windows\QTFont.qfn
2009-04-06 10:40 . 2009-04-06 10:40 1409 ----a-w c:\windows\QTFont.for
2009-03-29 09:53 . 2009-03-29 06:34 290816 ----a-w c:\windows\system32\TubeFinder.exe
2009-03-29 09:53 . 2008-06-04 16:42 208500 ----a-w c:\windows\system32\ReyXpBasics.tlb
2009-03-29 09:53 . 2008-06-04 16:42 9728 ----a-w c:\windows\system32\PCCLPFR.DLL
2009-03-29 09:53 . 2008-06-04 16:42 84512 ----a-w c:\windows\system32\PICCLP32.OCX
2009-03-29 09:53 . 2008-06-04 16:42 364544 ----a-w c:\windows\system32\PropertyGrid.ocx
2009-03-29 09:53 . 2008-06-04 16:42 24576 ----a-w c:\windows\system32\ControlSubX.ocx
2009-03-29 08:31 . 2009-03-29 08:31 262144 ----a-w c:\progra~2\ntuser.dat
2009-03-28 11:09 . 2008-10-10 03:52 452440 ----a-w c:\windows\system32\d3dx10_40.dll
2009-03-28 11:09 . 2008-10-10 03:52 2036576 ----a-w c:\windows\system32\D3DCompiler_40.dll
2009-03-28 11:09 . 2008-10-10 03:52 4379984 ----a-w c:\windows\system32\D3DX9_40.dll
2009-03-28 11:09 . 2008-10-27 09:04 514384 ----a-w c:\windows\system32\XAudio2_3.dll
2009-03-28 11:09 . 2008-10-27 09:04 235856 ----a-w c:\windows\system32\xactengine3_3.dll
2009-03-28 11:09 . 2008-10-27 09:04 70992 ----a-w c:\windows\system32\XAPOFX1_2.dll
2009-03-28 11:09 . 2008-10-27 09:04 23376 ----a-w c:\windows\system32\X3DAudio1_5.dll
2009-03-27 15:29 . 2009-03-27 15:29 -------- d-----w c:\users\Mathieu\AppData\Local\vdownloader
2009-03-26 17:41 . 2009-03-30 17:18 -------- d-----r c:\users\Mathieu\Downloads

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-24 11:38 . 2006-11-02 15:48 713304 ----a-w c:\windows\System32\perfh00C.dat
2009-04-24 11:38 . 2006-11-02 15:48 143336 ----a-w c:\windows\System32\perfc00C.dat
2009-04-23 17:32 . 2008-01-13 10:08 86760 ----a-w c:\windows\System32\GDIPFONTCACHEV1.DAT
2009-04-23 17:32 . 2008-01-12 11:13 8224 ----a-w c:\users\Mathieu\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-23 11:28 . 2008-01-12 12:36 -------- d-----w c:\program files\Windows Live
2009-04-23 11:22 . 2009-04-22 15:03 -------- d-----w c:\program files\Trend Micro
2009-04-23 11:20 . 2008-04-08 16:16 -------- d-----w c:\progra~2\Trend Micro
2009-04-23 11:20 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat
2009-04-23 11:20 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat
2009-04-23 11:20 . 2006-11-02 10:25 143360 ----a-w c:\windows\Inf\infstrng.dat
2009-04-18 15:22 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-03-29 08:31 . 2008-10-04 09:58 -------- d-----w c:\program files\HP
2009-03-28 10:54 . 2007-07-10 13:07 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Common Files\xing shared
2009-03-26 12:20 . 2009-03-26 12:19 -------- d-----w c:\program files\Common Files\Real
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Real
2009-03-26 12:01 . 2008-01-12 12:23 -------- d-----w c:\program files\CCleaner
2009-03-25 11:52 . 2008-12-11 18:00 -------- d-----w c:\program files\Java
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\DivX
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\Common Files\DivX Shared
2009-03-18 08:03 . 2008-12-18 15:57 -------- d-----w c:\progra~2\WLInstaller
2009-03-17 20:58 . 2009-03-17 20:58 -------- d-----w c:\progra~2\Messenger Plus!
2009-03-17 20:55 . 2008-01-12 11:51 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-03-17 17:41 . 2009-03-17 17:15 -------- d-----w c:\program files\MSECACHE
2009-03-17 03:38 . 2009-04-18 12:31 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-18 12:31 13824 ----a-w c:\windows\System32\apilogen.dll
2009-03-17 03:38 . 2009-04-18 12:31 24064 ----a-w c:\windows\System32\amxread.dll
2009-03-09 17:48 . 2009-03-09 17:48 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 04:19 . 2008-12-03 12:38 410984 ----a-w c:\windows\System32\deploytk.dll
2009-03-03 04:46 . 2009-04-18 12:31 3599328 ----a-w c:\windows\System32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-18 12:31 3547632 ----a-w c:\windows\System32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-18 12:31 827392 ----a-w c:\windows\System32\wininet.dll
2009-03-03 04:39 . 2009-04-18 12:31 183296 ----a-w c:\windows\System32\sdohlp.dll
2009-03-03 04:39 . 2009-04-18 12:31 551424 ----a-w c:\windows\System32\rpcss.dll
2009-03-03 04:39 . 2009-04-18 12:31 26112 ----a-w c:\windows\System32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-18 12:31 78336 ----a-w c:\windows\System32\ieencode.dll
2009-03-03 04:37 . 2009-04-18 12:31 98304 ----a-w c:\windows\System32\iasrecst.dll
2009-03-03 04:37 . 2009-04-18 12:31 54784 ----a-w c:\windows\System32\iasads.dll
2009-03-03 04:37 . 2009-04-18 12:31 44032 ----a-w c:\windows\System32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-18 12:31 666624 ----a-w c:\windows\System32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-18 12:31 17408 ----a-w c:\windows\System32\iashost.exe
2009-03-03 02:28 . 2009-04-18 12:31 26624 ----a-w c:\windows\System32\ieUnatt.exe
2009-03-02 12:26 . 2008-05-11 16:18 -------- d-----w c:\program files\eMule
2009-02-26 10:40 . 2008-03-07 16:22 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-18 07:57 . 2009-02-18 07:57 413756 ----a-w c:\windows\System32\dijpg.dll
2009-02-13 08:49 . 2009-04-18 12:31 72704 ----a-w c:\windows\System32\secur32.dll
2009-02-13 08:49 . 2009-04-18 12:31 1255936 ----a-w c:\windows\System32\lsasrv.dll
2009-02-09 03:10 . 2009-03-10 17:31 2033152 ----a-w c:\windows\System32\win32k.sys
2008-08-13 06:29 . 2008-08-13 06:29 95 ----a-w c:\users\Mathieu\AppData\Local\fusioncache.dat
2008-05-23 16:23 . 2008-01-26 17:43 112 ----a-w c:\users\Mathieu\AppData\Roaming\wklnhst.dat
2008-03-21 17:45 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2007-10-31 20:25 . 2007-10-31 20:25 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"AlcoholAutomount"="c:\program files\Alcohol Soft\axcmd.exe" [2007-12-22 221056]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-03-18 5724184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-10 385024]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-26 198160]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-20 4493312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2025882112-483618389-2567441031-1001]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1559055D-B1E4-4576-B221-EC793993CEC3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{313319BD-A16C-4BB5-B293-64ACF25BDDC8}"= UDP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{E05F9295-9E0E-487C-8A88-7604B9B808B2}"= TCP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{104405FC-4BB7-447F-98AB-5B0E20CAA111}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{6AF2C579-931F-49E9-A13D-C9E1271446E5}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{4DF64BE8-8FFA-44FD-86B4-BB3B8592FC02}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{E52BD271-FDF1-46F2-8E8F-B3F67C1FBEFA}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{B6D431D0-650B-4695-A7B3-DBBDCD368BBA}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3B095CE6-61B0-4038-8B55-328EAA7AEA12}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{81D1B0ED-9BC1-4FDC-A50D-A2FAFB4FE17C}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{99CE68E4-1235-4018-83AD-4F81F794291B}"= UDP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool
"{73426BA3-23DB-4653-8F8E-48EE67CBE674}"= TCP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool

R3 CAM1210;USB Video Camera;c:\windows\system32\Drivers\cam1210.sys [2007-01-09 91776]
R3 idrmkl;idrmkl; [x]
R3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2007-06-05 454520]
S2 litsgt;litsgt;c:\windows\system32\DRIVERS\litsgt.sys [2008-03-04 137344]
S2 tansgt;tansgt;c:\windows\system32\DRIVERS\tansgt.sys [2008-03-04 12032]
S3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\system32\DRIVERS\mr97310v.sys [2006-03-07 111872]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2007-01-22 46592]
S3 Tetris;Tetris driver;c:\windows\system32\Drivers\Tetris.sys [2008-03-04 48928]


--- Autres Services/Pilotes en mémoire ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14623180-f0f3-11dc-abc9-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a664144-cf26-11dc-b9fa-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe -a
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-RunOnce-Shockwave Updater - c:\windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET
HKU-Default-Run-OE - c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.neufportail.fr/
mStart Page = hxxp://www.google.com
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {C2B218E3-51B5-434A-8775-34E10D41BD45} = 192.168.1.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-24 17:05
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\conime.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Alcohol Soft\StarWind\StarWindServiceAE.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Heure de fin: 2009-04-24 17:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-24 15:08

Avant-CF: 42 999 185 408 octets libres
Après-CF: 42 618 052 608 octets libres

210 --- E O F --- 2009-04-24 11:39

Bonsoir,

Désactive tous tes logiciels de sécurité durant la procédure.

1) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


2) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :
Dans le menu du bloc notes, clic sur "Fichier" >> Enregistrer sous.
Choisis le bureau comme lieu d'enregistrement, puis dans:

Type -> choisis "tous les fichiers"
Nom du fichier -> tape firewall.bat
Clique sur enregistrer.

Sur ton bureau tu auras maintenant un fichier nommé firewall.bat.


2) Double clic sur le fichier firewall.bat.

- Une fenêtre noire va s'ouvrir ; Ne la ferme pas manuellement. Le système va redémarrer.

Comment se comporte le système ?


Cordialement.

Bonjour

1/ Apres la manip je n'ai plus eu acces a internet, j'ai donc enlever les parametre IP Local et je l'ai ai remis et CA MARCHE.

Rapport :

ComboFix 09-04-24.01 - Mathieu 26/04/2009 8:52.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1342 [GMT 2:00]
Lancé depuis: c:\users\Mathieu\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Mathieu\Desktop\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
C:\AuResult.ini
c:\program files\desktop.ini
c:\windows\System32\dijpg.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\AuResult.ini
c:\progra~2\NortonInstaller
c:\progra~2\NortonInstaller\Logs\04-23-2009-17h32m22s\SymNRT-04-23-2009-17h32m22s.log
c:\progra~2\NortonInstaller\Logs\04-23-2009-17h32m22s\SymNRT.1.mft.7z
c:\progra~2\NortonInstaller\Settings\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.7z
c:\program files\desktop.ini
c:\users\All Users\NortonInstaller\Logs\04-23-2009-17h32m22s\SymNRT-04-23-2009-17h32m22s.log
c:\users\All Users\NortonInstaller\Logs\04-23-2009-17h32m22s\SymNRT.1.mft.7z
c:\users\All Users\NortonInstaller\Settings\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.7z
c:\windows\system32\AutoRun.inf
c:\windows\system32\autorun.ini
c:\windows\System32\dijpg.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IDRMKL
-------\Service_asc3550p
-------\Service_idrmkl


((((((((((((((((((((((((((((( Fichiers créés du 2009-05-26 au 2009-4-26 ))))))))))))))))))))))))))))))))))))
.

2009-04-23 15:32 . 2009-04-23 15:32 -------- d-----r c:\users\Public\Documents
2009-04-06 10:40 . 2009-04-08 10:24 54156 ---ha-w c:\windows\QTFont.qfn
2009-04-06 10:40 . 2009-04-06 10:40 1409 ----a-w c:\windows\QTFont.for
2009-03-29 09:53 . 2009-03-29 06:34 290816 ----a-w c:\windows\system32\TubeFinder.exe
2009-03-29 09:53 . 2008-06-04 16:42 208500 ----a-w c:\windows\system32\ReyXpBasics.tlb
2009-03-29 09:53 . 2008-06-04 16:42 9728 ----a-w c:\windows\system32\PCCLPFR.DLL
2009-03-29 09:53 . 2008-06-04 16:42 84512 ----a-w c:\windows\system32\PICCLP32.OCX
2009-03-29 09:53 . 2008-06-04 16:42 364544 ----a-w c:\windows\system32\PropertyGrid.ocx
2009-03-29 09:53 . 2008-06-04 16:42 24576 ----a-w c:\windows\system32\ControlSubX.ocx
2009-03-29 08:31 . 2009-03-29 08:31 262144 ----a-w c:\progra~2\ntuser.dat
2009-03-28 11:09 . 2008-10-10 03:52 452440 ----a-w c:\windows\system32\d3dx10_40.dll
2009-03-28 11:09 . 2008-10-10 03:52 2036576 ----a-w c:\windows\system32\D3DCompiler_40.dll
2009-03-28 11:09 . 2008-10-10 03:52 4379984 ----a-w c:\windows\system32\D3DX9_40.dll
2009-03-28 11:09 . 2008-10-27 09:04 514384 ----a-w c:\windows\system32\XAudio2_3.dll
2009-03-28 11:09 . 2008-10-27 09:04 235856 ----a-w c:\windows\system32\xactengine3_3.dll
2009-03-28 11:09 . 2008-10-27 09:04 70992 ----a-w c:\windows\system32\XAPOFX1_2.dll
2009-03-28 11:09 . 2008-10-27 09:04 23376 ----a-w c:\windows\system32\X3DAudio1_5.dll
2009-03-27 15:29 . 2009-03-27 15:29 -------- d-----w c:\users\Mathieu\AppData\Local\vdownloader

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-25 13:59 . 2006-11-02 15:48 713304 ----a-w c:\windows\System32\perfh00C.dat
2009-04-25 13:59 . 2006-11-02 15:48 143336 ----a-w c:\windows\System32\perfc00C.dat
2009-04-23 17:32 . 2008-01-13 10:08 86760 ----a-w c:\windows\System32\GDIPFONTCACHEV1.DAT
2009-04-23 17:32 . 2008-01-12 11:13 8224 ----a-w c:\users\Mathieu\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-23 11:28 . 2008-01-12 12:36 -------- d-----w c:\program files\Windows Live
2009-04-23 11:22 . 2009-04-22 15:03 -------- d-----w c:\program files\Trend Micro
2009-04-23 11:20 . 2008-04-08 16:16 -------- d-----w c:\progra~2\Trend Micro
2009-04-23 11:20 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat
2009-04-23 11:20 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat
2009-04-23 11:20 . 2006-11-02 10:25 143360 ----a-w c:\windows\Inf\infstrng.dat
2009-04-18 15:22 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-03-29 08:31 . 2008-10-04 09:58 -------- d-----w c:\program files\HP
2009-03-28 10:54 . 2007-07-10 13:07 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Common Files\xing shared
2009-03-26 12:20 . 2009-03-26 12:19 -------- d-----w c:\program files\Common Files\Real
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Real
2009-03-26 12:01 . 2008-01-12 12:23 -------- d-----w c:\program files\CCleaner
2009-03-25 11:52 . 2008-12-11 18:00 -------- d-----w c:\program files\Java
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\DivX
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\Common Files\DivX Shared
2009-03-18 08:03 . 2008-12-18 15:57 -------- d-----w c:\progra~2\WLInstaller
2009-03-17 20:58 . 2009-03-17 20:58 -------- d-----w c:\progra~2\Messenger Plus!
2009-03-17 20:55 . 2008-01-12 11:51 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-03-17 17:41 . 2009-03-17 17:15 -------- d-----w c:\program files\MSECACHE
2009-03-17 03:38 . 2009-04-18 12:31 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-18 12:31 13824 ----a-w c:\windows\System32\apilogen.dll
2009-03-17 03:38 . 2009-04-18 12:31 24064 ----a-w c:\windows\System32\amxread.dll
2009-03-09 17:48 . 2009-03-09 17:48 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 04:19 . 2008-12-03 12:38 410984 ----a-w c:\windows\System32\deploytk.dll
2009-03-03 04:46 . 2009-04-18 12:31 3599328 ----a-w c:\windows\System32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-18 12:31 3547632 ----a-w c:\windows\System32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-18 12:31 827392 ----a-w c:\windows\System32\wininet.dll
2009-03-03 04:39 . 2009-04-18 12:31 183296 ----a-w c:\windows\System32\sdohlp.dll
2009-03-03 04:39 . 2009-04-18 12:31 551424 ----a-w c:\windows\System32\rpcss.dll
2009-03-03 04:39 . 2009-04-18 12:31 26112 ----a-w c:\windows\System32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-18 12:31 78336 ----a-w c:\windows\System32\ieencode.dll
2009-03-03 04:37 . 2009-04-18 12:31 98304 ----a-w c:\windows\System32\iasrecst.dll
2009-03-03 04:37 . 2009-04-18 12:31 54784 ----a-w c:\windows\System32\iasads.dll
2009-03-03 04:37 . 2009-04-18 12:31 44032 ----a-w c:\windows\System32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-18 12:31 666624 ----a-w c:\windows\System32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-18 12:31 17408 ----a-w c:\windows\System32\iashost.exe
2009-03-03 02:28 . 2009-04-18 12:31 26624 ----a-w c:\windows\System32\ieUnatt.exe
2009-03-02 12:26 . 2008-05-11 16:18 -------- d-----w c:\program files\eMule
2009-02-26 10:40 . 2008-03-07 16:22 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-13 08:49 . 2009-04-18 12:31 72704 ----a-w c:\windows\System32\secur32.dll
2009-02-13 08:49 . 2009-04-18 12:31 1255936 ----a-w c:\windows\System32\lsasrv.dll
2009-02-09 03:10 . 2009-03-10 17:31 2033152 ----a-w c:\windows\System32\win32k.sys
2008-08-13 06:29 . 2008-08-13 06:29 95 ----a-w c:\users\Mathieu\AppData\Local\fusioncache.dat
2008-05-23 16:23 . 2008-01-26 17:43 112 ----a-w c:\users\Mathieu\AppData\Roaming\wklnhst.dat
2007-10-31 20:25 . 2007-10-31 20:25 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"AlcoholAutomount"="c:\program files\Alcohol Soft\axcmd.exe" [2007-12-22 221056]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-03-18 5724184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="c:\windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-10 385024]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-26 198160]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-20 4493312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2025882112-483618389-2567441031-1001]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1559055D-B1E4-4576-B221-EC793993CEC3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{313319BD-A16C-4BB5-B293-64ACF25BDDC8}"= UDP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{E05F9295-9E0E-487C-8A88-7604B9B808B2}"= TCP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{104405FC-4BB7-447F-98AB-5B0E20CAA111}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{6AF2C579-931F-49E9-A13D-C9E1271446E5}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{4DF64BE8-8FFA-44FD-86B4-BB3B8592FC02}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{E52BD271-FDF1-46F2-8E8F-B3F67C1FBEFA}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{B6D431D0-650B-4695-A7B3-DBBDCD368BBA}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3B095CE6-61B0-4038-8B55-328EAA7AEA12}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{81D1B0ED-9BC1-4FDC-A50D-A2FAFB4FE17C}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{99CE68E4-1235-4018-83AD-4F81F794291B}"= UDP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool
"{73426BA3-23DB-4653-8F8E-48EE67CBE674}"= TCP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool

R3 CAM1210;USB Video Camera;c:\windows\system32\Drivers\cam1210.sys [2007-01-09 91776]
R3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2007-06-05 454520]
S2 litsgt;litsgt;c:\windows\system32\DRIVERS\litsgt.sys [2008-03-04 137344]
S2 tansgt;tansgt;c:\windows\system32\DRIVERS\tansgt.sys [2008-03-04 12032]
S3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\system32\DRIVERS\mr97310v.sys [2006-03-07 111872]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2007-01-22 46592]
S3 Tetris;Tetris driver;c:\windows\system32\Drivers\Tetris.sys [2008-03-04 48928]


--- Autres Services/Pilotes en mémoire ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14623180-f0f3-11dc-abc9-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a664144-cf26-11dc-b9fa-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe -a
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.neufportail.fr/
mStart Page = hxxp://www.google.com
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {C2B218E3-51B5-434A-8775-34E10D41BD45} = 192.168.1.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-26 08:58
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\conime.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Alcohol Soft\StarWind\StarWindServiceAE.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Heure de fin: 2009-04-26 9:01 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-26 07:01
ComboFix2.txt 2009-04-24 15:09

Avant-CF: 43 637 923 840 octets libres
Après-CF: 43 213 205 504 octets libres

207 --- E O F --- 2009-04-24 11:39




2/ Le systeme a redemarrer et il y a le pare feu qui est activer...

MERCI

Bonsoir,

Désactive tous tes logiciels de sécurité durant la procédure.

1) Branche tous tes disques amovibles (HDD externes, clés USB, lecteurs MP3, etc.) sans les ouvrir puis relance ComboFix.
Poste le rapport obtenu.


2) Pour vérification, analyse ton système avec le Kaspersky Online Scanner. Tutorial.
Poste le résultat de l'analyse ici.


Cordialement.

A quoi cela sert maintenant que le pare feu windows marche ?

Bonsoir,

Il est possible que certains de tes supports amovibles soient infectés. Il est préférable de ne rien négliger.


Cordialement.

Avec du retard :
(je n'ai pas pu connecter tous mes supprot USB)


1/

ComboFix 09-04-29.07 - Mathieu 30/04/2009 16:23.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1399 [GMT 2:00]
Lancé depuis: c:\users\Mathieu\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-28 au 2009-4-30 ))))))))))))))))))))))))))))))))))))
.

2009-04-23 15:32 . 2009-04-23 15:32 -------- d-----r c:\users\Public\Documents
2009-04-22 15:03 . 2009-04-23 11:22 -------- d-----w c:\program files\Trend Micro

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-30 14:21 . 2006-11-02 15:48 713304 ----a-w c:\windows\system32\perfh00C.dat
2009-04-30 14:21 . 2006-11-02 15:48 143336 ----a-w c:\windows\system32\perfc00C.dat
2009-04-23 17:32 . 2008-01-13 10:08 86760 ----a-w c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-04-23 17:32 . 2008-01-12 11:13 8224 ----a-w c:\users\Mathieu\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-23 11:28 . 2008-01-12 12:36 -------- d-----w c:\program files\Windows Live
2009-04-23 11:20 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-23 11:20 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-23 11:20 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-18 15:22 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-03-29 08:31 . 2009-03-29 08:31 262144 ----a-w c:\progra~2\ntuser.dat
2009-03-29 08:31 . 2008-10-04 09:58 -------- d-----w c:\program files\HP
2009-03-29 06:34 . 2009-03-29 09:53 290816 ----a-w c:\windows\system32\TubeFinder.exe
2009-03-28 10:54 . 2007-07-10 13:07 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Common Files\xing shared
2009-03-26 12:20 . 2009-03-26 12:19 -------- d-----w c:\program files\Common Files\Real
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Real
2009-03-26 12:01 . 2008-01-12 12:23 -------- d-----w c:\program files\CCleaner
2009-03-25 11:52 . 2008-12-11 18:00 -------- d-----w c:\program files\Java
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\DivX
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\Common Files\DivX Shared
2009-03-17 20:55 . 2008-01-12 11:51 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-03-17 17:41 . 2009-03-17 17:15 -------- d-----w c:\program files\MSECACHE
2009-03-17 03:38 . 2009-04-18 12:31 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-18 12:31 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-18 12:31 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-13 14:40 . 2009-03-13 14:40 118 ----a-w c:\windows\sfi2007.sys
2009-03-09 17:48 . 2009-03-09 17:48 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 04:19 . 2008-12-03 12:38 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-03 04:46 . 2009-04-18 12:31 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-18 12:31 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-18 12:31 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-18 12:31 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-18 12:31 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-18 12:31 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-18 12:31 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-18 12:31 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-18 12:31 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-18 12:31 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-18 12:31 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-18 12:31 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-18 12:31 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-02 12:26 . 2008-05-11 16:18 -------- d-----w c:\program files\eMule
2009-02-13 08:49 . 2009-04-18 12:31 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-18 12:31 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 03:10 . 2009-03-10 17:31 2033152 ----a-w c:\windows\system32\win32k.sys
2007-10-31 20:25 . 2007-10-31 20:25 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"AlcoholAutomount"="c:\program files\Alcohol Soft\axcmd.exe" [2007-12-22 221056]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-03-18 5724184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-10 385024]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-26 198160]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-20 4493312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2025882112-483618389-2567441031-1001]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1559055D-B1E4-4576-B221-EC793993CEC3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{313319BD-A16C-4BB5-B293-64ACF25BDDC8}"= UDP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{E05F9295-9E0E-487C-8A88-7604B9B808B2}"= TCP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{104405FC-4BB7-447F-98AB-5B0E20CAA111}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{6AF2C579-931F-49E9-A13D-C9E1271446E5}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{4DF64BE8-8FFA-44FD-86B4-BB3B8592FC02}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{E52BD271-FDF1-46F2-8E8F-B3F67C1FBEFA}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{B6D431D0-650B-4695-A7B3-DBBDCD368BBA}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3B095CE6-61B0-4038-8B55-328EAA7AEA12}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{81D1B0ED-9BC1-4FDC-A50D-A2FAFB4FE17C}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{99CE68E4-1235-4018-83AD-4F81F794291B}"= UDP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool
"{73426BA3-23DB-4653-8F8E-48EE67CBE674}"= TCP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool

R3 CAM1210;USB Video Camera;c:\windows\system32\Drivers\cam1210.sys [2007-01-09 91776]
R3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2007-06-05 454520]
S2 litsgt;litsgt;c:\windows\system32\DRIVERS\litsgt.sys [2008-03-04 137344]
S2 tansgt;tansgt;c:\windows\system32\DRIVERS\tansgt.sys [2008-03-04 12032]
S3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\system32\DRIVERS\mr97310v.sys [2006-03-07 111872]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2007-01-22 46592]
S3 Tetris;Tetris driver;c:\windows\system32\Drivers\Tetris.sys [2008-03-04 48928]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14623180-f0f3-11dc-abc9-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a664144-cf26-11dc-b9fa-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe -a
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-RunOnce-Shockwave Updater - c:\windows\System32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET
HKU-Default-Run-OE - c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.neufportail.fr/
mStart Page = hxxp://www.google.com
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {C2B218E3-51B5-434A-8775-34E10D41BD45} = 192.168.1.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-30 16:26
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2025882112-483618389-2567441031-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4C424EDF-3FEA-6BEB-AF99-FE688C25294B}*]
"iakffkcjcldonmbnhp"=hex:6b,61,6e,63,68,6d,65,6e,66,6b,62,62,6b,65,67,6d,65,70,
68,6e,69,65,00,00
"haeflijhfahndldf"=hex:6b,61,6e,63,68,6d,65,6e,66,6b,62,62,6b,65,67,6d,65,70,
68,6e,69,65,00,00
"hajgeemmbjmdogbj"=hex:66,61,6e,63,6f,6c,66,61,65,64,62,64,00,00

[HKEY_USERS\software\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"

[HKEY_USERS\software\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_USERS\software\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe"

[HKEY_USERS\software\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_USERS\software\Classes\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"

[HKEY_USERS\software\Classes\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash9b.ocx"
"ThreadingModel"="Apartment"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_USERS\software\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_USERS\software\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_USERS\software\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_USERS\software\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_USERS\software\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_USERS\software\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_USERS\software\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_USERS\software\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_USERS\software\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"

[HKEY_USERS\software\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_USERS\software\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_USERS\software\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)

[HKEY_USERS\software\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"

[HKEY_USERS\software\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""

[HKEY_USERS\software\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
Heure de fin: 2009-04-30 16:28
ComboFix-quarantined-files.txt 2009-04-30 14:28

Avant-CF: 51 231 604 736 octets libres
Après-CF: 50 892 283 904 octets libres

216 --- E O F --- 2009-04-29 11:14


2/
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Thursday, April 30, 2009 6:47:46 PM
Système d'exploitation : Home Edition, Service Pack 1 (Build 6001)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 30/04/2009
Enregistrements dans la base antivirus Kaspersky : 1910890
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\

Statistiques de l'analyse:
Total d'objets analysés: 182941
Nombre de virus trouvés: 4
Nombre d'objets infectés: 25 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:24:34

Nom de l'objet infecté / Nom du virus / Dernière action
C:\Program Files\Alcohol Soft\StarWind\logs\sw_ae-20090430-152247.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.Crwl L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1447.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\07fc09cb3250ada74bbef5b050d37676_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c269ce6e3c8ce21fcae631d64dde359_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\2574a78b63c8a6e4221799e5d2677062_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e1bc02203a8ebdb55ae61ee003e7888_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f4c268e2dcc48c2ff34b0f7fe547439_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\50498d972563daef7a22a52757b1e054_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\52e52837938ade127b203fd216328d4a_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\542233c2ad9399e0f0ad349fd04de7f4_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\6adf847ef6b717ceae159cb77e70e9ac_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\706db6141ffdbdb4d0738c4a2090603f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\87483761544de927f0ebb0b33d506407_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\926543d2dfc6937e9127557a200ceb1c_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\9cecc015cb16429d5003362358d59370_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3a94c0c6bba527d5b3a0e6b416e98fa_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa5469637b2b6f25a34899f35a5e4863_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b19164c14122f8220aa641129776c288_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9223b85f7d30a56f362f77d56c533d2_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d50186d3b8ca6590e6f7b62b01692c88_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d84ff6f484ea95c1e1925094960aa69f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\df653b17f67aeda3e537fc6fb59a9bd7_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfbb305b3d7e32d022a63c08c13f7ac0_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e75d57d725a9d7ececedb8fa42a3d283_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8319b5b1c0550f180326aa7c8795f5d_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f725fa0343fead08d09f3bff21a7c45f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f775ca4769cb23ad3a775071aea03bed_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff41cce9559518e644a9375467882590_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.Crwl L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wsb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010021.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1447.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\07fc09cb3250ada74bbef5b050d37676_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c269ce6e3c8ce21fcae631d64dde359_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\2574a78b63c8a6e4221799e5d2677062_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e1bc02203a8ebdb55ae61ee003e7888_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f4c268e2dcc48c2ff34b0f7fe547439_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\50498d972563daef7a22a52757b1e054_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\52e52837938ade127b203fd216328d4a_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\542233c2ad9399e0f0ad349fd04de7f4_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\6adf847ef6b717ceae159cb77e70e9ac_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\706db6141ffdbdb4d0738c4a2090603f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\87483761544de927f0ebb0b33d506407_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\926543d2dfc6937e9127557a200ceb1c_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\9cecc015cb16429d5003362358d59370_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3a94c0c6bba527d5b3a0e6b416e98fa_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa5469637b2b6f25a34899f35a5e4863_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b19164c14122f8220aa641129776c288_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9223b85f7d30a56f362f77d56c533d2_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d50186d3b8ca6590e6f7b62b01692c88_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d84ff6f484ea95c1e1925094960aa69f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\df653b17f67aeda3e537fc6fb59a9bd7_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfbb305b3d7e32d022a63c08c13f7ac0_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e75d57d725a9d7ececedb8fa42a3d283_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8319b5b1c0550f180326aa7c8795f5d_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f725fa0343fead08d09f3bff21a7c45f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f775ca4769cb23ad3a775071aea03bed_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff41cce9559518e644a9375467882590_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.Crwl L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wsb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001B.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001E.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010021.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1447.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\07fc09cb3250ada74bbef5b050d37676_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c269ce6e3c8ce21fcae631d64dde359_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\2574a78b63c8a6e4221799e5d2677062_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e1bc02203a8ebdb55ae61ee003e7888_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f4c268e2dcc48c2ff34b0f7fe547439_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\50498d972563daef7a22a52757b1e054_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\52e52837938ade127b203fd216328d4a_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\542233c2ad9399e0f0ad349fd04de7f4_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\6adf847ef6b717ceae159cb77e70e9ac_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\706db6141ffdbdb4d0738c4a2090603f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\87483761544de927f0ebb0b33d506407_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\926543d2dfc6937e9127557a200ceb1c_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\9cecc015cb16429d5003362358d59370_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3a94c0c6bba527d5b3a0e6b416e98fa_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa5469637b2b6f25a34899f35a5e4863_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b19164c14122f8220aa641129776c288_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9223b85f7d30a56f362f77d56c533d2_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d50186d3b8ca6590e6f7b62b01692c88_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d84ff6f484ea95c1e1925094960aa69f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\df653b17f67aeda3e537fc6fb59a9bd7_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfbb305b3d7e32d022a63c08c13f7ac0_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e75d57d725a9d7ececedb8fa42a3d283_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8319b5b1c0550f180326aa7c8795f5d_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f725fa0343fead08d09f3bff21a7c45f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f775ca4769cb23ad3a775071aea03bed_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff41cce9559518e644a9375467882590_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.Crwl L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.262.gthr L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Wind

Bonsoir,

Désolé pour le retard.

Ton rapport Kaspersky est incomplet. Peux-tu le reposter dans un nouveau message ?


Cordialement.

KASPERSKY ON-LINE SCANNER REPORT
Wednesday, May 06, 2009 8:10:40 PM
Système d'exploitation : Home Edition, Service Pack 1 (Build 6001)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 6/05/2009
Enregistrements dans la base antivirus Kaspersky : 1935504


Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai

Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Statistiques de l'analyse
Total d'objets analysés 192590
Nombre de virus trouvés 1
Nombre d'objets infectés 2 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:29:31

Nom de l'objet infecté Nom du virus Dernière action
C:\Boot\BCD L'objet est verrouillé ignoré

C:\Boot\BCD.LOG L'objet est verrouillé ignoré

C:\Program Files\Alcohol Soft\StarWind\logs\sw_ae-20090506-180137.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.Crwl L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1464.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\07fc09cb3250ada74bbef5b050d37676_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c269ce6e3c8ce21fcae631d64dde359_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\2574a78b63c8a6e4221799e5d2677062_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e1bc02203a8ebdb55ae61ee003e7888_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f4c268e2dcc48c2ff34b0f7fe547439_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\50498d972563daef7a22a52757b1e054_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\52e52837938ade127b203fd216328d4a_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\542233c2ad9399e0f0ad349fd04de7f4_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\6adf847ef6b717ceae159cb77e70e9ac_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\706db6141ffdbdb4d0738c4a2090603f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\87483761544de927f0ebb0b33d506407_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\926543d2dfc6937e9127557a200ceb1c_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\9cecc015cb16429d5003362358d59370_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3a94c0c6bba527d5b3a0e6b416e98fa_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa5469637b2b6f25a34899f35a5e4863_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b19164c14122f8220aa641129776c288_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9223b85f7d30a56f362f77d56c533d2_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d50186d3b8ca6590e6f7b62b01692c88_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d84ff6f484ea95c1e1925094960aa69f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\df653b17f67aeda3e537fc6fb59a9bd7_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfbb305b3d7e32d022a63c08c13f7ac0_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e75d57d725a9d7ececedb8fa42a3d283_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8319b5b1c0550f180326aa7c8795f5d_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f725fa0343fead08d09f3bff21a7c45f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f775ca4769cb23ad3a775071aea03bed_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff41cce9559518e644a9375467882590_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.Crwl L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wsb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010021.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1464.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\07fc09cb3250ada74bbef5b050d37676_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c269ce6e3c8ce21fcae631d64dde359_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\2574a78b63c8a6e4221799e5d2677062_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e1bc02203a8ebdb55ae61ee003e7888_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f4c268e2dcc48c2ff34b0f7fe547439_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\50498d972563daef7a22a52757b1e054_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\52e52837938ade127b203fd216328d4a_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\542233c2ad9399e0f0ad349fd04de7f4_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\6adf847ef6b717ceae159cb77e70e9ac_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\706db6141ffdbdb4d0738c4a2090603f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\87483761544de927f0ebb0b33d506407_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\926543d2dfc6937e9127557a200ceb1c_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\9cecc015cb16429d5003362358d59370_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3a94c0c6bba527d5b3a0e6b416e98fa_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa5469637b2b6f25a34899f35a5e4863_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b19164c14122f8220aa641129776c288_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9223b85f7d30a56f362f77d56c533d2_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d50186d3b8ca6590e6f7b62b01692c88_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d84ff6f484ea95c1e1925094960aa69f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\df653b17f67aeda3e537fc6fb59a9bd7_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfbb305b3d7e32d022a63c08c13f7ac0_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e75d57d725a9d7ececedb8fa42a3d283_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8319b5b1c0550f180326aa7c8795f5d_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f725fa0343fead08d09f3bff21a7c45f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f775ca4769cb23ad3a775071aea03bed_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff41cce9559518e644a9375467882590_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.Crwl L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wsb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010021.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1464.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\07fc09cb3250ada74bbef5b050d37676_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c269ce6e3c8ce21fcae631d64dde359_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\2574a78b63c8a6e4221799e5d2677062_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e1bc02203a8ebdb55ae61ee003e7888_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f4c268e2dcc48c2ff34b0f7fe547439_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\50498d972563daef7a22a52757b1e054_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\52e52837938ade127b203fd216328d4a_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\542233c2ad9399e0f0ad349fd04de7f4_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\6adf847ef6b717ceae159cb77e70e9ac_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\706db6141ffdbdb4d0738c4a2090603f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\87483761544de927f0ebb0b33d506407_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\926543d2dfc6937e9127557a200ceb1c_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\9cecc015cb16429d5003362358d59370_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3a94c0c6bba527d5b3a0e6b416e98fa_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa5469637b2b6f25a34899f35a5e4863_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b19164c14122f8220aa641129776c288_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9223b85f7d30a56f362f77d56c533d2_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d50186d3b8ca6590e6f7b62b01692c88_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d84ff6f484ea95c1e1925094960aa69f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\df653b17f67aeda3e537fc6fb59a9bd7_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfbb305b3d7e32d022a63c08c13f7ac0_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e75d57d725a9d7ececedb8fa42a3d283_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8319b5b1c0550f180326aa7c8795f5d_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f725fa0343fead08d09f3bff21a7c45f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f775ca4769cb23ad3a775071aea03bed_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff41cce9559518e644a9375467882590_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.Crwl L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wsb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001F.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010021.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010022.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1464.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\07fc09cb3250ada74bbef5b050d37676_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c269ce6e3c8ce21fcae631d64dde359_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\2574a78b63c8a6e4221799e5d2677062_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\3e1bc02203a8ebdb55ae61ee003e7888_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\4f4c268e2dcc48c2ff34b0f7fe547439_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\50498d972563daef7a22a52757b1e054_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\52e52837938ade127b203fd216328d4a_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\542233c2ad9399e0f0ad349fd04de7f4_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\6adf847ef6b717ceae159cb77e70e9ac_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\706db6141ffdbdb4d0738c4a2090603f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\87483761544de927f0ebb0b33d506407_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\926543d2dfc6937e9127557a200ceb1c_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\9cecc015cb16429d5003362358d59370_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\a3a94c0c6bba527d5b3a0e6b416e98fa_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\aa5469637b2b6f25a34899f35a5e4863_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b19164c14122f8220aa641129776c288_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\b9223b85f7d30a56f362f77d56c533d2_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d50186d3b8ca6590e6f7b62b01692c88_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\d84ff6f484ea95c1e1925094960aa69f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\df653b17f67aeda3e537fc6fb59a9bd7_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\dfbb305b3d7e32d022a63c08c13f7ac0_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e75d57d725a9d7ececedb8fa42a3d283_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\e8319b5b1c0550f180326aa7c8795f5d_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f725fa0343fead08d09f3bff21a7c45f_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\f775ca4769cb23ad3a775071aea03bed_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff41cce9559518e644a9375467882590_c6e3ad46-7a1a-476b-a3c3-5d98a119d4c0 L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.Crwl L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.267.gthr L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wsb L'objet est verrouillé ignoré

C:\ProgramData\Application Data\Applicati

Bonsoir,

Le rapport ne tient toujours pas dans un message.
Poste uniquement les ligne indiquant les éléments infectés.


Cordialement.

Bonjour re-voici :

Tout est marqué comme etant verrouillé "L'objet est verrouillé "


Et sinon 1 seul infecté :

C:\Windows\winsxs\x86_macrovision-protection-safedisc_31bf3856ad364e35_6.0.6000.16386_none_5b761551c05a7af8\secdrv.sys Infecté : Trojan.Win32.Pakes.miu ignoré


Voila

Bonjour,

Désactive tous tes logiciels de sécurité durant la procédure.

1) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


Cordialement.

Merci :


ComboFix 09-05-06.08 - Mathieu 07/05/2009 17:27.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1236 [GMT 2:00]
Lancé depuis: c:\users\Mathieu\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Mathieu\Desktop\CFScript.txt

FILE ::
c:\windows\System32\drivers\secdrv.sys
c:\windows\winsxs\x86_macrovision-protection-safedisc_31bf3856ad364e35_6.0.6000.16386_none_5b761551c05a7af8\secdrv.sys
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\System32\drivers\secdrv.sys
c:\windows\winsxs\x86_macrovision-protection-safedisc_31bf3856ad364e35_6.0.6000.16386_none_5b761551c05a7af8\secdrv.sys

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SECDRV
-------\Service_secdrv


((((((((((((((((((((((((((((( Fichiers créés du 2009-04-07 au 2009-05-07 ))))))))))))))))))))))))))))))))))))
.

2009-05-01 16:38 . 2009-05-01 16:38 -------- d-----w c:\users\Public\Pictures
2009-05-01 07:13 . 2009-05-01 07:13 -------- d-----r c:\users\Public\Music
2009-04-30 14:30 . 2009-04-30 14:30 -------- d-----w c:\windows\system32\Kaspersky Lab
2009-04-23 15:32 . 2009-04-23 15:32 -------- d-----r c:\users\Public\Documents
2009-04-22 15:03 . 2009-04-23 11:22 -------- d-----w c:\program files\Trend Micro

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-07 14:53 . 2006-11-02 15:48 713304 ----a-w c:\windows\system32\perfh00C.dat
2009-05-07 14:53 . 2006-11-02 15:48 143336 ----a-w c:\windows\system32\perfc00C.dat
2009-04-23 17:32 . 2008-01-13 10:08 86760 ----a-w c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-04-23 17:32 . 2008-01-12 11:13 8224 ----a-w c:\users\Mathieu\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-23 11:28 . 2008-01-12 12:36 -------- d-----w c:\program files\Windows Live
2009-04-23 11:20 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-23 11:20 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-23 11:20 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-18 15:22 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-03-29 08:31 . 2009-03-29 08:31 262144 ----a-w c:\progra~2\ntuser.dat
2009-03-29 08:31 . 2008-10-04 09:58 -------- d-----w c:\program files\HP
2009-03-29 06:34 . 2009-03-29 09:53 290816 ----a-w c:\windows\system32\TubeFinder.exe
2009-03-28 10:54 . 2007-07-10 13:07 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Common Files\xing shared
2009-03-26 12:20 . 2009-03-26 12:19 -------- d-----w c:\program files\Common Files\Real
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Real
2009-03-26 12:01 . 2008-01-12 12:23 -------- d-----w c:\program files\CCleaner
2009-03-25 11:52 . 2008-12-11 18:00 -------- d-----w c:\program files\Java
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\DivX
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\Common Files\DivX Shared
2009-03-17 20:55 . 2008-01-12 11:51 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-03-17 17:41 . 2009-03-17 17:15 -------- d-----w c:\program files\MSECACHE
2009-03-17 03:38 . 2009-04-18 12:31 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-18 12:31 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-13 14:40 . 2009-03-13 14:40 118 ----a-w c:\windows\sfi2007.sys
2009-03-09 17:48 . 2009-03-09 17:48 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 04:19 . 2008-12-03 12:38 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-03 04:46 . 2009-04-18 12:31 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-18 12:31 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-18 12:31 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-18 12:31 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-18 12:31 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-18 12:31 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-18 12:31 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-18 12:31 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-18 12:31 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-18 12:31 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-18 12:31 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-18 12:31 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-18 12:31 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-02-13 08:49 . 2009-04-18 12:31 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-18 12:31 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 03:10 . 2009-03-10 17:31 2033152 ----a-w c:\windows\system32\win32k.sys
2007-10-31 20:25 . 2007-10-31 20:25 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-04-30_14.26.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-10 13:14 . 2009-05-07 13:26 76380 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2007-07-10 13:14 . 2009-04-30 13:24 76380 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-01-12 12:04 . 2009-04-30 13:24 14644 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2025882112-483618389-2567441031-1001_UserData.bin
+ 2008-01-12 12:04 . 2009-05-07 13:26 14644 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2025882112-483618389-2567441031-1001_UserData.bin
+ 2008-08-13 13:03 . 2008-08-13 13:03 65536 c:\windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2008-07-18 11:13 . 2008-07-18 11:13 20992 c:\windows\System32\hpzisn12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 29696 c:\windows\System32\hpzipt12.dll
- 2006-11-08 14:35 . 2006-11-08 14:35 29696 c:\windows\System32\hpzipt12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 33792 c:\windows\System32\HPZipr12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 53760 c:\windows\System32\HPZipm12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 44032 c:\windows\System32\HPZinw12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 49152 c:\windows\System32\HPZidr12.dll
- 2006-11-08 14:35 . 2006-11-08 14:35 49152 c:\windows\System32\HPZidr12.dll
+ 2008-03-04 19:44 . 2008-03-04 19:44 39936 c:\windows\System32\hpbpro.dll
+ 2008-03-04 19:45 . 2008-03-04 19:45 25600 c:\windows\System32\hpboid.dll
+ 2008-03-04 19:44 . 2008-03-04 19:44 24576 c:\windows\System32\hpbmiapi.dll
+ 2007-11-05 08:53 . 2009-05-07 15:18 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-11-05 08:53 . 2009-04-30 14:21 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-11-05 08:53 . 2009-05-07 15:18 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-11-05 08:53 . 2009-04-30 14:21 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-11-05 08:53 . 2009-04-30 14:21 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-11-05 08:53 . 2009-05-07 15:18 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-03-04 19:44 . 2008-03-04 19:44 7680 c:\windows\System32\hpbprops.dll
+ 2008-03-04 19:45 . 2008-03-04 19:45 7680 c:\windows\System32\hpboidps.dll
+ 2006-11-02 13:05 . 2009-05-07 13:26 119906 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2009-05-07 14:53 625384 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-04-30 14:21 625384 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-05-07 14:53 116946 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-04-30 14:21 116946 c:\windows\System32\perfc009.dat
+ 2008-08-13 13:03 . 2008-08-13 13:03 798720 c:\windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2005-05-16 17:34 . 2005-05-16 17:34 213048 c:\windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-04-24 08:33 . 2007-04-24 08:33 114688 c:\windows\System32\hplbdchn.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"AlcoholAutomount"="c:\program files\Alcohol Soft\axcmd.exe" [2007-12-22 221056]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-03-18 5724184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-10 385024]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-26 198160]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-20 4493312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2025882112-483618389-2567441031-1001]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1559055D-B1E4-4576-B221-EC793993CEC3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{313319BD-A16C-4BB5-B293-64ACF25BDDC8}"= UDP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{E05F9295-9E0E-487C-8A88-7604B9B808B2}"= TCP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{104405FC-4BB7-447F-98AB-5B0E20CAA111}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{6AF2C579-931F-49E9-A13D-C9E1271446E5}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{4DF64BE8-8FFA-44FD-86B4-BB3B8592FC02}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{E52BD271-FDF1-46F2-8E8F-B3F67C1FBEFA}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{B6D431D0-650B-4695-A7B3-DBBDCD368BBA}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3B095CE6-61B0-4038-8B55-328EAA7AEA12}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{81D1B0ED-9BC1-4FDC-A50D-A2FAFB4FE17C}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{99CE68E4-1235-4018-83AD-4F81F794291B}"= UDP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool
"{73426BA3-23DB-4653-8F8E-48EE67CBE674}"= TCP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool
"TCP Query User{55A2894A-8060-4525-B20D-D88D0D3E2572}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{ACF412A8-AD3E-4091-ADFD-4AF39B875319}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{A39E1851-6F77-4C4F-9B77-92379C638190}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{FB30753B-A17E-4F9E-AFB1-D586F4FE2643}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player

R2 litsgt;litsgt;c:\windows\System32\drivers\litsgt.sys [04/03/2008 13:56 137344]
R2 tansgt;tansgt;c:\windows\System32\drivers\tansgt.sys [04/03/2008 13:56 12032]
R3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\System32\drivers\mr97310v.sys [07/03/2006 18:43 111872]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [10/07/2007 23:29 46592]
R3 Tetris;Tetris driver;c:\windows\System32\drivers\Tetris.sys [04/03/2008 13:53 48928]
S3 CAM1210;USB Video Camera;c:\windows\System32\drivers\cam1210.sys [09/01/2007 12:35 91776]
S3 SiS6350;SiS6350;c:\windows\System32\drivers\SISGRKMD.sys [10/07/2007 23:29 454520]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14623180-f0f3-11dc-abc9-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a664144-cf26-11dc-b9fa-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe -a
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.neufportail.fr/
mStart Page = hxxp://www.google.com
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {C2B218E3-51B5-434A-8775-34E10D41BD45} = 192.168.1.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-07 17:31
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2025882112-483618389-2567441031-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4C424EDF-3FEA-6BEB-AF99-FE688C25294B}*]
"iakffkcjcldonmbnhp"=hex:6b,61,6e,63,68,6d,65,6e,66,6b,62,62,6b,65,67,6d,65,70,
68,6e,69,65,00,00
"haeflijhfahndldf"=hex:6b,61,6e,63,68,6d,65,6e,66,6b,62,62,6b,65,67,6d,65,70,
68,6e,69,65,00,00
"hajgeemmbjmdogbj"=hex:66,61,6e,63,6f,6c,66,61,65,64,62,64,00,00
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\conime.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Alcohol Soft\StarWind\StarWindServiceAE.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Heure de fin: 2009-05-07 17:35 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-07 15:35

Avant-CF: 43 475 689 472 octets libres
Après-CF: 43 083 431 936 octets libres

218 --- E O F --- 2009-05-06 11:58

Bonsoir,

Le service infectieux à été supprimer. Il faut à présent supprimer des clés de registre associées :

Désactive tous tes logiciels de sécurité durant la procédure.

1) Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture



- Une fenêtre bleue va apparaître. Tape 1 si nécessaire.
- Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis.

- Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt


Comment se comporte le système ?


Cordialement.

Bonjour voici le nouveau rapport :

ComboFix 09-05-07.06 - Mathieu 08/05/2009 10:00.4 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.2047.1238 [GMT 2:00]
Lancé depuis: c:\users\Mathieu\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Mathieu\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-08 au 2009-05-08 ))))))))))))))))))))))))))))))))))))
.

2009-05-01 16:38 . 2009-05-01 16:38 -------- d-----w c:\users\Public\Pictures
2009-05-01 07:13 . 2009-05-01 07:13 -------- d-----r c:\users\Public\Music
2009-04-30 14:30 . 2009-04-30 14:30 -------- d-----w c:\windows\system32\Kaspersky Lab
2009-04-23 15:32 . 2009-04-23 15:32 -------- d-----r c:\users\Public\Documents
2009-04-22 15:03 . 2009-04-23 11:22 -------- d-----w c:\program files\Trend Micro

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-08 07:26 . 2006-11-02 15:48 713304 ----a-w c:\windows\system32\perfh00C.dat
2009-05-08 07:26 . 2006-11-02 15:48 143336 ----a-w c:\windows\system32\perfc00C.dat
2009-04-23 17:32 . 2008-01-13 10:08 86760 ----a-w c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-04-23 17:32 . 2008-01-12 11:13 8224 ----a-w c:\users\Mathieu\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-23 11:28 . 2008-01-12 12:36 -------- d-----w c:\program files\Windows Live
2009-04-23 11:20 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-23 11:20 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-23 11:20 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-18 15:22 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-03-29 08:31 . 2009-03-29 08:31 262144 ----a-w c:\progra~2\ntuser.dat
2009-03-29 08:31 . 2008-10-04 09:58 -------- d-----w c:\program files\HP
2009-03-29 06:34 . 2009-03-29 09:53 290816 ----a-w c:\windows\system32\TubeFinder.exe
2009-03-28 10:54 . 2007-07-10 13:07 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Common Files\xing shared
2009-03-26 12:20 . 2009-03-26 12:19 -------- d-----w c:\program files\Common Files\Real
2009-03-26 12:20 . 2009-03-26 12:20 -------- d-----w c:\program files\Real
2009-03-26 12:01 . 2008-01-12 12:23 -------- d-----w c:\program files\CCleaner
2009-03-25 11:52 . 2008-12-11 18:00 -------- d-----w c:\program files\Java
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\DivX
2009-03-19 19:52 . 2009-03-19 19:52 -------- d-----w c:\program files\Common Files\DivX Shared
2009-03-17 20:55 . 2008-01-12 11:51 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-03-17 17:41 . 2009-03-17 17:15 -------- d-----w c:\program files\MSECACHE
2009-03-17 03:38 . 2009-04-18 12:31 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-18 12:31 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-13 14:40 . 2009-03-13 14:40 118 ----a-w c:\windows\sfi2007.sys
2009-03-09 17:48 . 2009-03-09 17:48 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 04:19 . 2008-12-03 12:38 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 11:34 . 2009-05-08 07:50 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-08 07:50 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-08 07:50 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-08 07:50 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-08 07:50 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-08 07:50 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-08 07:50 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-08 07:50 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-08 07:50 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-05-08 07:50 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-08 07:50 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-08 07:50 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-08 07:50 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-05-08 07:50 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-08 07:50 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-08 07:50 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-08 07:50 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-08 07:50 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-18 12:31 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-18 12:31 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-18 12:31 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-18 12:31 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-18 12:31 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-18 12:31 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-18 12:31 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-18 12:31 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-18 12:31 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-18 12:31 17408 ----a-w c:\windows\system32\iashost.exe
2009-02-13 08:49 . 2009-04-18 12:31 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-18 12:31 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 03:10 . 2009-03-10 17:31 2033152 ----a-w c:\windows\system32\win32k.sys
2007-10-31 20:25 . 2007-10-31 20:25 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-04-30_14.26.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-08 07:50 . 2009-03-08 11:32 94720 c:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iernonce.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 59904 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_8.0.6001.18702_none_3d86a1c07a097782\icardie.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 34816 c:\windows\winsxs\x86_microsoft-windows-ie-imagesupport_31bf3856ad364e35_8.0.6001.18702_none_20dfeb2e08d9ec0a\imgutil.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 66560 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\wextract.exe
+ 2009-05-08 07:50 . 2009-03-08 11:31 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_8.0.6001.18702_none_d658a8dacff20c9e\mshtmler.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 66560 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.6001.18702_none_2b140bc159303551\mshtmled.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 45568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_8.0.6001.18702_none_3c45119b1f28ff3d\mshta.exe
+ 2009-05-08 07:50 . 2009-03-08 11:31 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedssync.exe
+ 2009-05-08 07:50 . 2009-03-08 11:31 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedsbs.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 43008 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.6001.18702_none_accc7a4465be292a\licmgr10.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\admparse.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\WininetPlugin.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\jsproxy.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 18944 c:\windows\winsxs\x86_microsoft-windows-i..tivexpolicyprovider_31bf3856ad364e35_8.0.6001.18702_none_6f561c09617d9439\corpol.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 46592 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll
- 2007-07-10 13:14 . 2009-04-30 13:24 76380 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2007-07-10 13:14 . 2009-05-08 07:57 76380 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-01-12 12:04 . 2009-05-08 07:57 14692 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2025882112-483618389-2567441031-1001_UserData.bin
+ 2009-05-08 07:50 . 2009-03-08 11:31 46592 c:\windows\System32\pngfilt.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 66560 c:\windows\System32\mshtmled.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 13312 c:\windows\System32\msfeedssync.exe
+ 2009-05-08 07:50 . 2009-03-08 11:31 55296 c:\windows\System32\msfeedsbs.dll
- 2008-04-09 11:39 . 2008-02-22 05:01 64512 c:\windows\System32\migration\WininetPlugin.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 64512 c:\windows\System32\migration\WininetPlugin.dll
+ 2008-08-13 13:03 . 2008-08-13 13:03 65536 c:\windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2009-05-08 07:50 . 2009-03-08 11:33 25600 c:\windows\System32\jsproxy.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 94720 c:\windows\System32\inseng.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 55808 c:\windows\System32\iernonce.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 59904 c:\windows\System32\icardie.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 20992 c:\windows\System32\hpzisn12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 29696 c:\windows\System32\hpzipt12.dll
- 2006-11-08 14:35 . 2006-11-08 14:35 29696 c:\windows\System32\hpzipt12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 33792 c:\windows\System32\HPZipr12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 53760 c:\windows\System32\HPZipm12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 44032 c:\windows\System32\HPZinw12.dll
+ 2008-07-18 11:13 . 2008-07-18 11:13 49152 c:\windows\System32\HPZidr12.dll
- 2006-11-08 14:35 . 2006-11-08 14:35 49152 c:\windows\System32\HPZidr12.dll
+ 2008-03-04 19:44 . 2008-03-04 19:44 39936 c:\windows\System32\hpbpro.dll
+ 2008-03-04 19:45 . 2008-03-04 19:45 25600 c:\windows\System32\hpboid.dll
+ 2008-03-04 19:44 . 2008-03-04 19:44 24576 c:\windows\System32\hpbmiapi.dll
+ 2007-11-05 08:53 . 2009-05-08 07:56 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-11-05 08:53 . 2009-04-30 14:21 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-11-05 08:53 . 2009-05-08 07:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-11-05 08:53 . 2009-04-30 14:21 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-11-05 08:53 . 2009-05-08 07:56 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-11-05 08:53 . 2009-04-30 14:21 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-08 07:50 . 2009-03-08 11:35 2048 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18702_none_83daaad046b59436\iecompat.dll
+ 2008-03-04 19:44 . 2008-03-04 19:44 7680 c:\windows\System32\hpbprops.dll
+ 2008-03-04 19:45 . 2008-03-04 19:45 7680 c:\windows\System32\hpboidps.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 420352 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_8.0.6001.18702_none_2b4525a943b273a6\vbscript.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18702_none_65cb0af10cefc76a\jscript.dll
+ 2009-05-08 07:50 . 2009-03-08 11:22 156160 c:\windows\winsxs\x86_microsoft-windows-msls31_31bf3856ad364e35_8.0.6001.18702_none_aeeaf610b83f2e48\msls31.dll
+ 2009-05-08 07:50 . 2009-03-08 11:35 121344 c:\windows\winsxs\x86_microsoft-windows-js-debuggeride_31bf3856ad364e35_8.0.6001.18702_none_1de359b6148047cc\jsdebuggeride.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 256000 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_8.0.6001.18702_none_cb86fb78a76dcdde\ieinstal.exe
+ 2009-05-08 07:50 . 2009-03-08 11:22 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieui.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 105984 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.6001.18702_none_d315f3a07395d0ed\url.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 208384 c:\windows\winsxs\x86_microsoft-windows-ie-winfxdocobj_31bf3856ad364e35_8.0.6001.18702_none_d4a239fe30224f93\WinFXDocObj.exe
+ 2009-05-08 07:50 . 2009-03-08 11:33 759296 c:\windows\winsxs\x86_microsoft-windows-ie-vgx_31bf3856ad364e35_8.0.6001.18702_none_d02233c4fe8667df\VGX.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18702_none_fe7d3c2acfc7f690\iesysprep.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\ie4uinit.exe
+ 2009-05-08 07:50 . 2009-03-08 21:09 140128 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\sqmapi.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 193536 c:\windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_8.0.6001.18702_none_aa7d60ae7286ab24\msrating.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 109568 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\PDMSetup.exe
+ 2009-05-08 07:50 . 2009-01-08 01:20 355832 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\pdm.dll
+ 2009-05-08 07:50 . 2009-01-08 01:20 265720 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\msdbg2.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 236544 c:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 109568 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18702_none_1a118a8629ee860e\occache.dll
+ 2009-05-08 07:50 . 2009-03-08 11:35 233984 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilerui_31bf3856ad364e35_8.0.6001.18702_none_d5ea1c01e3fe67ea\jsprofilerui.dll
+ 2009-05-08 07:50 . 2009-03-08 11:35 118272 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilercore_31bf3856ad364e35_8.0.6001.18702_none_ed92bec9472aab53\JSProfilerCore.dll
+ 2009-05-08 07:50 . 2009-03-08 11:35 521216 c:\windows\winsxs\x86_microsoft-windows-ie-jscriptdebugui_31bf3856ad364e35_8.0.6001.18702_none_9d577137e370ad2c\jsdbgui.dll
+ 2009-05-08 07:50 . 2009-03-08 21:09 638816 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe
+ 2009-05-08 07:50 . 2009-03-08 11:33 132608 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\ieUnatt.exe
+ 2009-05-08 07:50 . 2009-03-08 11:35 144384 c:\windows\winsxs\x86_microsoft-windows-ie-impexp-extexport_31bf3856ad364e35_8.0.6001.18702_none_10e8e2fad95106ab\ExtExport.exe
+ 2009-05-08 07:50 . 2009-03-08 11:32 169472 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\iexpress.exe
+ 2009-05-08 07:50 . 2009-03-08 11:33 196096 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18702_none_2a78524fb0047330\IEShims.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 246784 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18702_none_731a06b9605c0cc2\ieproxy.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 115712 c:\windows\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_8.0.6001.18702_none_e9612e8087062a88\ielowutil.exe
+ 2009-05-08 07:51 . 2009-04-25 12:39 102400 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.22867_none_842869855fff5a59\iecompat.dll
+ 2009-05-08 07:51 . 2009-04-25 03:31 102400 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18777_none_8393fcce46e9d680\iecompat.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-iecleanup_31bf3856ad364e35_8.0.6001.18702_none_a0d17792aa595b3e\iecleanup.exe
+ 2009-05-08 07:50 . 2009-03-08 11:33 103936 c:\windows\winsxs\x86_microsoft-windows-ie-gc-setdepnx_31bf3856ad364e35_8.0.6001.18702_none_9396116207a33bbc\SetDepNx.exe
+ 2009-05-08 07:50 . 2009-03-08 11:33 107520 c:\windows\winsxs\x86_microsoft-windows-ie-gc-registeriepkeys_31bf3856ad364e35_8.0.6001.18702_none_0ad3f877399acafc\RegisterIEPKEYs.exe
+ 2009-05-08 07:50 . 2009-03-08 11:32 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18702_none_42d1aca65041d4fb\msfeeds.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 216064 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtrans.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 348160 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtmsft.dll
+ 2009-05-08 07:50 . 2009-03-08 11:35 742912 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.6001.18702_none_1e902f2a55a1ce84\iedvtool.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 183808 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18702_none_1faea70907d94aa5\iepeers.dll
+ 2009-05-08 07:50 . 2009-03-08 11:11 445952 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 163840 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieakui.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 229376 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieaksie.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitengine_31bf3856ad364e35_8.0.6001.18702_none_87015889ddff063f\ieakeng.dll
+ 2009-05-08 07:50 . 2009-03-08 21:09 391536 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18702_none_573b8ed36d48a30a\iedkcs32.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 914944 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.18702_none_c3b0c8fe923e1b1f\mstime.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 107008 c:\windows\winsxs\x86_microsoft-windows-i..-setieinstalleddate_31bf3856ad364e35_8.0.6001.18702_none_eb622404d6d4cb81\SetIEInstalledDate.exe
+ 2009-05-08 07:50 . 2009-03-08 11:32 128512 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_8.0.6001.18702_none_8eb687d4089bfe4d\advpack.dll
- 2008-03-21 16:36 . 2008-01-19 07:33 208384 c:\windows\System32\WinFXDocObj.exe
+ 2009-05-08 07:50 . 2009-03-08 11:34 208384 c:\windows\System32\WinFXDocObj.exe
+ 2009-05-08 07:50 . 2009-03-08 11:34 236544 c:\windows\System32\webcheck.dll
+ 2006-11-02 13:05 . 2009-05-08 07:57 120068 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-03-21 16:35 . 2008-01-19 07:36 105984 c:\windows\System32\url.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 105984 c:\windows\System32\url.dll
+ 2006-11-02 10:33 . 2009-05-08 07:26 625384 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-04-30 14:21 625384 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-05-08 07:26 116946 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-04-30 14:21 116946 c:\windows\System32\perfc009.dat
+ 2009-05-08 07:50 . 2009-03-08 11:34 109568 c:\windows\System32\occache.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 611840 c:\windows\System32\mstime.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 193536 c:\windows\System32\msrating.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 594432 c:\windows\System32\msfeeds.dll
+ 2008-08-13 13:03 . 2008-08-13 13:03 798720 c:\windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2005-05-16 17:34 . 2005-05-16 17:34 213048 c:\windows\System32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 726528 c:\windows\System32\jscript.dll
+ 2009-05-08 07:50 . 2009-03-08 11:22 164352 c:\windows\System32\ieui.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 183808 c:\windows\System32\iepeers.dll
+ 2009-05-08 07:50 . 2009-03-08 21:09 391536 c:\windows\System32\iedkcs32.dll
+ 2009-05-08 07:50 . 2009-03-08 11:11 445952 c:\windows\System32\ieapfltr.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 163840 c:\windows\System32\ieakui.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 229376 c:\windows\System32\ieaksie.dll
+ 2009-05-08 07:50 . 2009-03-08 11:33 125952 c:\windows\System32\ieakeng.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 173056 c:\windows\System32\ie4uinit.exe
+ 2007-04-24 08:33 . 2007-04-24 08:33 114688 c:\windows\System32\hplbdchn.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 216064 c:\windows\System32\dxtrans.dll
+ 2009-05-08 07:50 . 2009-03-08 11:31 348160 c:\windows\System32\dxtmsft.dll
- 2009-03-19 15:55 . 2009-03-29 08:40 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-03-19 15:55 . 2009-05-08 07:56 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-05-08 07:50 . 2009-03-08 11:32 128512 c:\windows\System32\advpack.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 1985024 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\iertutil.dll
+ 2009-05-08 07:50 . 2009-03-08 11:41 5937152 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll
+ 2009-05-08 07:50 . 2009-02-07 04:07 3698584 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dat
+ 2009-05-08 07:50 . 2009-03-08 11:34 1206784 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18702_none_97ce3a35ec955bb0\urlmon.dll
+ 2009-05-08 07:50 . 2009-03-08 11:34 1206784 c:\windows\System32\urlmon.dll
- 2006-11-02 10:22 . 2009-04-18 16:48 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2006-11-02 10:22 . 2009-05-08 08:02 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-05-08 07:50 . 2009-03-08 11:41 5937152 c:\windows\System32\mshtml.dll
+ 2009-05-08 07:50 . 2009-03-08 11:32 1985024 c:\windows\System32\iertutil.dll
+ 2009-05-08 07:50 . 2009-02-07 04:07 3698584 c:\windows\System32\ieapfltr.dat
+ 2009-05-08 07:59 . 2009-05-08 07:59 6369280 c:\windows\ERDNT\Hiv-backup\schema.dat
+ 2009-05-08 07:50 . 2009-03-08 11:39 11063808 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieframe.dll
+ 2008-02-14 06:58 . 2009-05-08 07:51 81840498 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-05-08 07:50 . 2009-03-08 11:39 11063808 c:\windows\System32\ieframe.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"AlcoholAutomount"="c:\program files\Alcohol Soft\axcmd.exe" [2007-12-22 221056]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-03-18 5724184]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-10 385024]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-26 198160]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-06-20 4493312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2025882112-483618389-2567441031-1001]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1559055D-B1E4-4576-B221-EC793993CEC3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{313319BD-A16C-4BB5-B293-64ACF25BDDC8}"= UDP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{E05F9295-9E0E-487C-8A88-7604B9B808B2}"= TCP:d:\jeux\PES\PES2008.exe:Pro Evolution Soccer 2008
"{104405FC-4BB7-447F-98AB-5B0E20CAA111}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{6AF2C579-931F-49E9-A13D-C9E1271446E5}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{4DF64BE8-8FFA-44FD-86B4-BB3B8592FC02}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{E52BD271-FDF1-46F2-8E8F-B3F67C1FBEFA}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{B6D431D0-650B-4695-A7B3-DBBDCD368BBA}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3B095CE6-61B0-4038-8B55-328EAA7AEA12}"= UDP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{81D1B0ED-9BC1-4FDC-A50D-A2FAFB4FE17C}"= TCP:c:\program files\SFR\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player SFR)
"{99CE68E4-1235-4018-83AD-4F81F794291B}"= UDP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool
"{73426BA3-23DB-4653-8F8E-48EE67CBE674}"= TCP:c:\users\Mathieu\AppData\Local\Temp\7zS84C8.tmp\SymNRT.exe:Norton Removal Tool
"TCP Query User{55A2894A-8060-4525-B20D-D88D0D3E2572}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{ACF412A8-AD3E-4091-ADFD-4AF39B875319}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{A39E1851-6F77-4C4F-9B77-92379C638190}c:\\program files\\videolan\\vlc\\vlc.exe"= UDP:c:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{FB30753B-A17E-4F9E-AFB1-D586F4FE2643}c:\\program files\\videolan\\vlc\\vlc.exe"= TCP:c:\program files\videolan\vlc\vlc.exe:VLC media player

R2 litsgt;litsgt;c:\windows\System32\drivers\litsgt.sys [04/03/2008 13:56 137344]
R2 tansgt;tansgt;c:\windows\System32\drivers\tansgt.sys [04/03/2008 13:56 12032]
R3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\System32\drivers\mr97310v.sys [07/03/2006 18:43 111872]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [10/07/2007 23:29 46592]
R3 Tetris;Tetris driver;c:\windows\System32\drivers\Tetris.sys [04/03/2008 13:53 48928]
S3 CAM1210;USB Video Camera;c:\windows\System32\drivers\cam1210.sys [09/01/2007 12:35 91776]
S3 SiS6350;SiS6350;c:\windows\System32\drivers\SISGRKMD.sys [10/07/2007 23:29 454520]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14623180-f0f3-11dc-abc9-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a664144-cf26-11dc-b9fa-001c254dd96f}]
\shell\AutoRun\command - L:\LaunchU3.exe -a

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'

2009-05-08 c:\windows\Tasks\User_Feed_Synchronization-{1333DB62-6C10-4509-A4D7-67A7668BFE35}.job
- c:\windows\system32\msfeedssync.exe [2009-05-08 11:31]
.
.
------- Examen supplémentaire -------
.
mStart Page = hxxp://www.google.com
mWindow Title =
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 10:04
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(2684)
c:\program files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\conime.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Alcohol Soft\StarWind\StarWindServiceAE.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Internet Explorer\iexplore.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Heure de fin: 2009-05-08 10:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-08 08:09

Avant-CF: 42 707 144 704 octets libres
Après-CF: 42 404 229 120 octets libres

335 --- E O F --- 2009-05-08 07:51

Bonsoir,

Le rapport ne révèle plus rien. As-tu encore des problèmes ?

Cordialement.

Il me semble que je n'ai plus de probleme


merci

Bonsoir,

Suppression des outils utilisés

1) Télécharge ToolsCleaner2 de A.Rothstein et enregistre-le sur ton bureau.


2) Double-clique sur ToolsCleaner2.exe pour lancer l'outil.

- Clique sur le bouton Recherche.
- Une fois la recherche terminée, clique sur le bouton Suppression.

- Copie/colle le rapport et poste-le dans ta prochaine réponse.

Tu peux ensuite supprimer ToolsCleaner.


Cordialement.

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Qoobox: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Users\Mathieu\Downloads\ComboFix.exe: trouvé !

---------------------------------
--> Suppression:

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Users\Mathieu\Downloads\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Qoobox: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Bonsoir,

Supprime C:\Users\Mathieu\Downloads\ComboFix.exe et c'est terminé.


Quelques conseils de sécurité


Je te conseille également la lecture de ce document.

Si tu désires mieux connaître le domaine de la sécurité informatique, je ne peux que t'encourager à visiter le site de Malekal_Morte.


Cordialement.

MERCI

De rien.