Bonjour à tous, je viens de faire un checkup avec MWB et il me trouve une Back door que je ne peux plus virer, merci pour l'aide des personnes qui savent quoi faire. ci-joint un apport MWB t tout ce que je suis capable de donner comme info sur le sujet.


Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3896
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18882

22/03/2010 12:36:28
mbam-log-2010-03-22 (12-36-28).txt

Type de recherche: Examen rapide
Eléments examinés: 99626
Temps écoulé: 5 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\protect_ie (Backdoor.Celofot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


PS:
Évidement que la mise en quarantaine ne c'est pas faite et si je re-scanne il apparait de nouveau

suite des infos
Logfile of random's system information tool 1.06 (written by random/random)
Run by Chouquette at 2010-03-22 13:38:27
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 85 GB (76%) free of 113 GB
Total RAM: 2037 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:39:06, on 22/03/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Chouquette\Desktop\RSIT.exe
C:\Program Files\trend micro\Chouquette.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = CHOUQUETTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPStart] "C:\Program Files\Synaptics\SynTP\SynTPStart.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: McAfee Security Scan.lnk = ?
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: McAfee Application Installer Cleanup (0184421259669113) (0184421259669113mcinstcleanup) - Unknown owner - C:\Windows\TEMP\018442~1.EXE (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

--
End of file - 7791 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-07-08 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-01-07 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-08 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-07-23 120608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-01-07 2436160]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-07-23 120608]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-08 3772416]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-10-29 102400]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"DontSetAutoplayCheckbox"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45d679fe-5deb-11dd-bc48-00a0d166d0f6}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe FS6519.dll.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48e916d6-e009-11de-884f-00a0d166d0f6}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\patriciA.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a24f1e7-05ee-11dd-b5db-00a0d166d0f6}]
shell\AutoRun\command - E:\PStart.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78a7e0bc-1d3e-11dd-9316-00a0d166d0f6}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f30010fd-ee69-11dc-9b29-00a0d166d0f6}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe FS6519.dll.vbs


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -

======List of files/folders created in the last 1 months======

2010-03-22 13:21:32 ----D---- C:\Program Files\trend micro
2010-03-22 13:21:31 ----D---- C:\rsit
2010-03-22 11:34:46 ----D---- C:\Windows\166E180E9A3F41AE8B4022D8FFF4AF87.TMP
2010-03-11 09:00:35 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 09:00:32 ----A---- C:\Windows\system32\httpapi.dll
2010-03-05 13:00:21 ----D---- C:\Program Files\Logitech
2010-03-04 09:20:57 ----D---- C:\ProgramData\Logitech
2010-03-02 23:22:45 ----D---- C:\Program Files\FreeTime
2010-02-27 10:05:50 ----D---- C:\downloads
2010-02-27 10:05:37 ----D---- C:\RDesc
2010-02-24 07:14:10 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 07:14:04 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 07:13:28 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 07:13:28 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 07:13:27 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 07:13:27 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 07:13:27 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 07:13:27 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 07:13:26 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 07:13:26 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 07:13:26 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 07:11:14 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-24 07:11:14 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 07:11:14 ----A---- C:\Windows\system32\Apphlpdm.dll

======List of files/folders modified in the last 1 months======

2010-03-22 13:38:50 ----D---- C:\Windows\Temp
2010-03-22 13:37:55 ----D---- C:\Windows
2010-03-22 13:35:41 ----D---- C:\Windows\Debug
2010-03-22 13:25:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-03-22 13:21:32 ----RD---- C:\Program Files
2010-03-22 12:56:54 ----SHD---- C:\System Volume Information
2010-03-22 12:47:21 ----SHD---- C:\Windows\Installer
2010-03-22 12:43:04 ----D---- C:\Users\Chouquette\AppData\Roaming\Skype
2010-03-22 12:35:23 ----D---- C:\Windows\system32\drivers
2010-03-22 12:29:13 ----D---- C:\Windows\Prefetch
2010-03-22 12:09:43 ----D---- C:\Windows\system32\Tasks
2010-03-22 12:09:38 ----RD---- C:\Program Files\Skype
2010-03-22 12:09:35 ----D---- C:\ProgramData\Skype
2010-03-22 12:09:26 ----D---- C:\Program Files\Common Files
2010-03-22 11:36:51 ----D---- C:\Users\Chouquette\AppData\Roaming\Macromedia
2010-03-22 11:35:17 ----D---- C:\Program Files\McAfee
2010-03-11 09:36:54 ----D---- C:\Windows\winsxs
2010-03-11 09:26:16 ----D---- C:\Windows\system32\catroot
2010-03-11 09:26:13 ----D---- C:\Windows\system32\catroot2
2010-03-11 09:21:19 ----D---- C:\Program Files\Windows Mail
2010-03-11 09:21:19 ----D---- C:\Program Files\Movie Maker
2010-03-11 09:21:18 ----D---- C:\Windows\system32\inetsrv
2010-03-11 09:21:18 ----D---- C:\Windows\System32
2010-03-10 14:18:21 ----D---- C:\Users\Chouquette\AppData\Roaming\vlc
2010-03-05 13:45:43 ----D---- C:\ProgramData\Logishrd
2010-03-05 13:45:42 ----D---- C:\Program Files\Common Files\LogiShrd
2010-03-04 20:58:07 ----D---- C:\Windows\inf
2010-03-04 09:20:57 ----HD---- C:\ProgramData
2010-03-04 06:06:10 ----D---- C:\Toshiba
2010-03-04 04:36:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-02 22:56:08 ----RSD---- C:\Windows\assembly
2010-03-02 16:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-03-01 19:32:35 ----D---- C:\Windows\Minidump
2010-03-01 07:03:55 ----D---- C:\Windows\system32\LogFiles
2010-02-28 12:01:30 ----D---- C:\Program Files\CCleaner
2010-02-25 19:01:08 ----SD---- C:\ProgramData\Microsoft
2010-02-24 07:42:52 ----D---- C:\Windows\rescache
2010-02-24 07:21:32 ----D---- C:\Windows\system32\fr-FR
2010-02-24 07:21:31 ----RSD---- C:\Windows\Fonts
2010-02-24 07:21:31 ----D---- C:\Windows\AppPatch
2010-02-24 06:50:26 ----D---- C:\Windows\ShellNew
2010-02-24 06:49:06 ----D---- C:\Program Files\OpenOffice.org 3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-09-16 214664]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2007-12-24 138384]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-08-31 1161152]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-18 1651752]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-09-16 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S1 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-04-30 265496]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-27 41752]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-08 4456416]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-04-30 13976]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]
S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-24 9216]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-02-15 216320]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-02-15 208256]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-09-12 9216]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-15 40960]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-07-23 206112]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-07-10 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-08-15 9728]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-26 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-15 428152]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 0184421259669113mcinstcleanup;McAfee Application Installer Cleanup (0184421259669113); C:\Windows\TEMP\018442~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-08 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]

-----------------EOF-----------------

dernière info:

suite à ça, je ne peux plus mettre en route mon McAfee Virtual technicia et pas de possibilité de vérifier l'état de mon système de sécurité ( McAfee) non plus....

voici le contenu de la quarantaine sous malwarebyte's

BackDoor.Celofot Regestry Value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\protect_ie(DATA:)

Merci encore à tout ceux qui sauront quoi faire,
Totofnc.

Bonjour Totofnc,

Ok, des choses sont à voir avec nottament des infections se transmettant par voie usb.
Je note aussi concernant McAffee, que l'un de ses services n'est plus actif, peut être est il endommagé ,on prendra le soin de le réinstaller mais un peu plus tard, pour l'instant la machine est infectée.
Pour faire ce qui suit je te demanderai de brancher tout tes supports amovibles (Clefs usb/disque dur externes ...), et de les laisser ainsi tant que je ne t'aurai pas indiqué l'inverse.
Et surtout si tu as la moindre question sur les manip que l'on va faire n'hesites pas à me les poser, on y vas:

1)
Télécharge ce fichier http://senduit.com/ea1569
Enregistre le sur ton bureau.
Double clique dessus pour l'éxécuter.
Poste moi le rapport ensuite qui s'affichera.

2)
Repasse MBAM.
Mets le à jour au préalable.
Vérifies que les supports amovibles restent bien branchés, sélectionnes les pour le scan
Et lance un scan complet de la machine, sur ton rapport :Type de recherche: Examen rapide
Poste moi le rapport qui en découlera

Salut Florinator,

voici le rapport 1, je t'envoie le rapport 2 dès que je termine le scan avec MWBite's


C: - Fixe - Fichier Autorun.inf absent !
D: - CD/DVD - Lecteur non prêt
F: - Amovible - Fichier Autorun.inf absent !

Ok, sois patient le scan peut être long, mais trés utile.

A++

Re

Ben là je suis comme "trompé" il n'y a plus rien ce matin côté infection dans le rapport MWBite's, je te le donne, mais par contre toujours impossible de faire fonctionner l'option de McAfee pour contrôler le bon fonctionnement du reste de mon système de sécurité

rapport de recherche rapide:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3901
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

23/03/2010 08:51:58
mbam-log-2010-03-23 (08-51-58).txt

Type de recherche: Examen rapide
Eléments examinés: 102551
Temps écoulé: 6 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

rapport de recherche complète:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3901
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

23/03/2010 08:44:27
mbam-log-2010-03-23 (08-44-27).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 225402
Temps écoulé: 1 hour(s), 17 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
bon ben je reste dans le doute mais je ne me fais pas à l'idée d'un faux positif tout de même.....


Bonne suite à cette analyse de ta part, merci, totofnc.

Hello,

Après plusieurs recherches sur le net j'ai trouvé ça, je sais pas si le lien que je propose est ok pour ici mais je tente le truc, donc voici ce que j'ai trouvé:

http://forum.pcastuces.com/backdoor_cel ... s53869.htm
en claire il semble que ce soit un faut positif mais la question reste posée, est ce que la backdorr est toujours en place et est ce que le "programme" n'a lui pas évolué pour devenir totalement "invisible" !!!!! Donc si cela tente quelqu'un de chez vous d'y répondre et surtout de donner la réponse à toutes ces inquiétudes "informatiques"

Merci encore à tous ceux qui se penche sur le sujet,
Totofnc.

Bonjour,

Oui, effectivement avec ces dires sur le forum de MBAM:


This is being handled in the other thread , should be fixed at this point .

I am trying to get details on in this actually deleted anything on anyone's system . So far it seems to have just been a displayed FP .

Il semble qu'il sagisse d'un faux positif, détecté sur la base de donnée 3896 mais corrigé sur la 3901, d'où l'importance de le mettre à jour avant chaque utilisation.

Ton rapport montre cependant des traces d'infection type usb, les autorun (fichier qui éxécutent l'infection) ne sont pas présent. Surment présent sur un autre support qui se serait branché sur ton système, sois attentif aux clés qui viennent se brancher sur ta machine.

les-infections-se-propageant-par-les-supports-amovibles-t25796.html

On va supprimer ces traces:

Télécharge sur le bureau OTM crée par de Old_Timer

• Enregistre-le sur ton Bureau.
• Double-clique dessus.
  
• Copie la liste qui se trouve dans la zone code ci-dessous et colle-la dans le cadre de gauche sous "Paste instructions for Items to be Moved".

Code: Tout sélectionner

go
:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45d679fe-5deb-11dd-bc48-00a0d166d0f6}]   
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48e916d6-e009-11de-884f-00a0d166d0f6}]     
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78a7e0bc-1d3e-11dd-9316-00a0d166d0f6}]       
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f30010fd-ee69-11dc-9b29-00a0d166d0f6}]     

:Files
C:\ AdobeR.exe
F:\ AdobeR.exe
:Commands
[emptytemp]
 

• Clique sur "MoveIt!" pour lancer la suppression. Le résultat apparaitra alors dans le cadre "Results"
• Copie/Colle ce résultat
• Clique sur Exit pour fermer.

Remarque: Il est possible qu'il te soit demandé de redémarrer ton ordinateur pour supprimer les fichiers,ce redémarrage peut être plus long qu’à l’accoutumé.Accepte et dans ce cas, après redémarrage, tu trouveras justement le rapport dans le dossier C:\OTMoveIt\MovedFiles.

Si ton Bureau ne réapparaît pas:
- Fais CTRL+ALT+SUPP pour ouvrir le Gestionnaire de tâches.
- Clique en haut à gauche sur "Fichier"
- Choisi "Nouvelle tâche" (Exécuter ...)
- Tape "explorer" et valide.
- Cela fera apparaître ton Bureau.

Une fois ceci fait, désinstalle ton antivirus, il semble qu'il est été abîmé par quelque chose, puis réinstalle le.
Dis moi ensuite comment se comporte ta machine
A++

Salut Florinator,

Merci pour les procédures, je ne pourrais les mettre en œuvres que lors que je serrai de retour sur ma bécane.
Je suis tout de même très surpris que McAfee n'ait rien vu passer, cela me désole pour autant que c'est "soit disant" un bon système "complet anti-virus et pare feu" mais bon le monde est ainsi fait....Hi Hi Hi!!!.
Je t'informerai des "choses" qui se produiront après les manips.

Bonne suite et à très bientôt.
Totofnc.

Bonjour Tontonfc,

Ne t'en fait pas, cela ne veut pas dire que Mc affee est un mauvais antivirus, si les antivirus stoppaient toutes les entrées malsaines, ce genre de forum n'existerait pas, les antivirus ont un rôle précis et efficace (pour certains certes) mais les attaques sont multiples et de plus en plus nombreuses, et cela ne va pas s'améliorer vu le système dans lequel on tourne.

Tu dois aider ces protections en restant vigilant, d'où notre rôle de "prévention"
J'attends ce scan.

A++

Salut Florinator,
Voici comme prévu le scan que tu me demande.
J'ai aussi viré mon McAfee pour l'instant, je pense passer à Avira antivir que j'utilise sur une machine déja désinfecté par vos soin sur ce forum et j'en suis très content....
Pour le pare feu je pense à Online Armor ( que j'ai trouvé sur le forum de sécurité ici aussi chez vous).
Voilà pour l'instant, j'attends donc de tes nouvelles pour la suite, merci encore pour ton aide très précieuse.

Totofnc.





All processes killed
Error: Unable to interpret <go> in the current context!
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{45d679fe-5deb-11dd-bc48-00a0d166d0f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45d679fe-5deb-11dd-bc48-00a0d166d0f6}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48e916d6-e009-11de-884f-00a0d166d0f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48e916d6-e009-11de-884f-00a0d166d0f6}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78a7e0bc-1d3e-11dd-9316-00a0d166d0f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78a7e0bc-1d3e-11dd-9316-00a0d166d0f6}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f30010fd-ee69-11dc-9b29-00a0d166d0f6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f30010fd-ee69-11dc-9b29-00a0d166d0f6}\ not found.
========== FILES ==========
File/Folder C:\ AdobeR.exe not found.
File/Folder F:\ AdobeR.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Chouquette
->Temp folder emptied: 36085 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 64741620 bytes
->FireFox cache emptied: 49151908 bytes
->Apple Safari cache emptied: 32244 bytes
->Opera cache emptied: 53856 bytes
->Flash cache emptied: 1030 bytes

User: Default
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 5637800 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 528816 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 18768392 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 317 bytes
RecycleBin emptied: 1404 bytes

Total Files Cleaned = 133,00 mb


OTM by OldTimer - Version 3.1.10.1 log created on 03292010_155121

Files moved on Reboot...
File C:\Windows\temp\TMP00000011D64D99FF4706CC91 not found!

Registry entries deleted on Reboot...

Bonjour,

Oui, tu peux utiliser ces protections
N'en rajoute pas plus, bien paramétré ,mis à jour, de la vigilance et c'est nickel.

Dis moi si tu as d'autres problèmes.

On fait une dernière vérif, fais attention aux infections par supports amovibles, le fait de ne pas avoir trouvé les fichiers infectieux laisse penser qu'ils viennent d'un support autre que les tiens qui seraient venus se brancher sur ta machine:

Télécharge ZHPDiag crée par Nicolas Coolman

• Enregistre le sur ton bureau
• Double clique sur l'icône
• Suis les instructions à l'ecran
• Clique sur pour lancer l'analyse
• Clique sur pour copier le rapport
• Puis colle le dans ta prochaine réponses
• Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPDiag.txt

A++

Hello Florinator,
Je dois te l'envoyé en deux fois il est trop long pour ce que le nombres de caractères m'autorise ici
(71 272 pour 60 000 autorisés)

part1/ Rapport de ZHPDiag v1.25.1341 par Nicolas Coolman
Run by Chouquette at 30/03/2010 08:22:28
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18882
MFIE: Mozilla Firefox (3.6.2pre)

---\\ System Information
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
Processor: x86 Family 6 Model 14 Stepping 8, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (53% free)
System drive C: has 77 GB (69%) free of 110 GB

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 77 Go of 110 Go)
D:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK


---\\ Processus lancés
[MD5.6E240D6C2F0DB74BED13AD723D3AB0A1] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904]
[MD5.378A3043BDE4CC8DE41E18C0DF50DBF3] - (.Synaptics, Inc. - Synaptics Pointing Device starter.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400]
[MD5.466CE40EAA865752F4930A472563E4E1] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760]
[MD5.73BB442A717B9BB0097C243374C14A3E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672]
[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153]
[MD5.B7431731D24A8DB473F79087D953F17C] - (.Tall Emu - Online Armor Component.) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe [6658552]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\RocketDock\RocketDock.exe [495616]
[MD5.35937EAD711207544E219C2A19A78A7D] - (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe [125952]


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe


---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Barre d'outils pour IE.) -- c:\program files\google\googletoolbar1.dll


---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynTPStart] . (.Synaptics, Inc. - Synaptics Pointing Device starter.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] . (.Tall Emu - Online Armor Component.) -- C:\Program Files\Tall Emu\Online Armor\oaui.exe
O4 - HKCU\..\Run: [RocketDock] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} . (.not file.) - (.not file.)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\favicon.ico
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)


---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] mcafee.com


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll


---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.)
O42 - Logiciel: Adobe Reader 9.3.1 - Français - (.Adobe Systems Incorporated.)
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..)
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.)
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.)
O42 - Logiciel: CCleaner - (.Piriform.)
O42 - Logiciel: Codeur Windows Media Série 9 - (.Microsoft Corporation.)
O42 - Logiciel: Codeur Windows Media Série 9 - (.Pas de propriétaire.)
O42 - Logiciel: Coffret de pilotes Logitech Legacy USB Camera - (.Pas de propriétaire.)
O42 - Logiciel: Coffret de pilotes Logitech QuickCam - (.Pas de propriétaire.)
O42 - Logiciel: Extension de Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.)
O42 - Logiciel: FormatFactory 2.20 - (.Free Time.)
O42 - Logiciel: Glary Utilities 2.21.0.863 - (.Glarysoft Ltd.)
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.)
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.)
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Pas de propriétaire.)
O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..)
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.)
O42 - Logiciel: MSVCRT - (.Microsoft.)
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.)
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.)
O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.)
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.)
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.)
O42 - Logiciel: Mozilla Firefox (3.6.2pre) - (.Mozilla.)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.)
O42 - Logiciel: Online Armor 4.0 - (.Tall Emu Pty Ltd.)
O42 - Logiciel: OpenAL - (.Pas de propriétaire.)
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.)
O42 - Logiciel: OpenOffice.org 3.2 Language Pack (French) - (.OpenOffice.org.)
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.)
O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.)
O42 - Logiciel: Programme d’installation d’Atheros Driver - (.Atheros.)
O42 - Logiciel: RDesc 2.28 - (.Bllua.)
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..)
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.)
O42 - Logiciel: Réducteur de bruit lect. CD/DVD - (.TOSHIBA.)
O42 - Logiciel: Secunia PSI - (.Pas de propriétaire.)
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.)
O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.)
O42 - Logiciel: Skype web features - (.Skype Technologies S.A..)
O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..)
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.)
O42 - Logiciel: Surligneur (Windows Live Toolbar) - (.Microsoft Corporation.)
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.)
O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA.)
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.)
O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.)
O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.)
O42 - Logiciel: TOSHIBA SD Memory Utilities - (.TOSHIBA.)
O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.)
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.)
O42 - Logiciel: TOSHIBA-kontroller - (.Pas de propriétaire.)
O42 - Logiciel: TeraCopy 2.06 - (.Code Sector Inc..)
O42 - Logiciel: Texas Instruments PCIxx21/x515/xx12 drivers. - (.Nom de votre société.)
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.)
O42 - Logiciel: VCRedistSetup - (.Nero AG.)
O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.)
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.)
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.)
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.)
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.)
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.)
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.)
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.)
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.)
O42 - Logiciel: Windows Resource Kit Tools - SubInAcl.exe - (.Microsoft Corporation.)
O42 - Logiciel: neroxml - (.Nero AG.)


---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Abbyy FineReader 6.0 Sprint
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\AGI
O43 - CFD:Common File Directory ----D- C:\Program Files\Atheros
O43 - CFD:Common File Directory ----D- C:\Program Files\AVIConverter
O43 - CFD:Common File Directory ----D- C:\Program Files\Avira
O43 - CFD:Common File Directory ----D- C:\Program Files\BitLord
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Conduit
O43 - CFD:Common File Directory ----D- C:\Program Files\Crawler
O43 - CFD:Common File Directory ----D- C:\Program Files\Dictionnaire
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\DjaSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ESET
O43 - CFD:Common File Directory ----D- C:\Program Files\F1 Racing
O43 - CFD:Common File Directory ----D- C:\Program Files\filehippo.com
O43 - CFD:Common File Directory ----D- C:\Program Files\FreeTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Glary Utilities
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JPN
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\ltmoh
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\McAfee.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\Nsasoft
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenAL
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 2.3
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 2.4
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\RocketDock
O43 - CFD:Common File Directory ----D- C:\Program Files\Secunia
O43 - CFD:Common File Directory ----D- C:\Program Files\SEGA
O43 - CFD:Common File Directory R---D- C:\Program Files\Skype
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\Tall Emu
O43 - CFD:Common File Directory ----D- C:\Program Files\TeraCopy
O43 - CFD:Common File Directory ----D- C:\Program Files\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live Toolbar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live(23)
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Components
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe(53)
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Borland Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\McAfee
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Scanner
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ulead Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D28941E199B70B92F1F9074844B2F0DC] - 30/03/2010 - 08:06:26 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.655E506E27394BA2CAB56B648009E6F3] - 30/03/2010 - 08:06:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [1686]
O44 - LFC:[MD5.1DE6F8D3DBEBD3E4259C44C382D584B2] - 29/03/2010 - 19:56:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\is-D9CIA.lst [166]
O44 - LFC:[MD5.32875A139451F412CE0CFEC4717C9780] - 29/03/2010 - 19:56:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\is-D9CIA.msg [13723]
O44 - LFC:[MD5.CE371DFAE6C572648DF9A7458BCDCC81] - 29/03/2010 - 19:56:42 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\is-D9CIA.exe [673280]
O44 - LFC:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 29/03/2010 - 18:27:11 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\drivers\ssmdrv.sys [28520]
O44 - LFC:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 29/03/2010 - 18:27:11 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\System32\drivers\avipbb.sys [96104]
O44 - LFC:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 29/03/2010 - 18:27:11 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [56816]
O44 - LFC:[MD5.3F4F5FE43D28947570B75A589213F8AA] - 13/03/2010 - 05:39:10 ---A- . (.Tall Emu - TDI Helper Driver.) -- C:\Windows\System32\drivers\OAmon.sys [24440]
O44 - LFC:[MD5.940BFC9600ED518CBEA0BFA85CA8C389] - 13/03/2010 - 05:39:00 ---A- . (.Tall Emu Pty Ltd - OA Helper Driver.) -- C:\Windows\System32\drivers\OAnet.sys [30584]
O44 - LFC:[MD5.53B9C3E7131AFA9802725086A9453010] - 13/03/2010 - 05:38:54 ---A- . (.Tall Emu - OA Helper Driver.) -- C:\Windows\System32\drivers\OADriver.sys [226680]
O44 - LFC:[MD5.478ABCCF01166AC6D6AD0FA188051418] - 11/03/2010 - 09:00:35 ---A- . (.Microsoft Corporation - DLL HTTP netsh.) -- C:\Windows\System32\nshhttp.dll [24064]
O44 - LFC:[MD5.F870AA3E254628EBEAFE754108D664DE] - 11/03/2010 - 09:00:33 ---A- . (.Microsoft Corporation - HTTP Pile du protocole.) -- C:\Windows\System32\drivers\http.sys [411648]
O44 - LFC:[MD5.F86293D93760C70ADF4F19E66E3FA5E8] - 11/03/2010 - 09:00:32 ---A- . (.Microsoft Corporation - API de pile du protocole HTTP.) -- C:\Windows\System32\httpapi.dll [30720]
O44 - LFC:[MD5.6AFCD7DD933105C15EA5CB79FA81703E] - 05/03/2010 - 12:37:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\lvcoinst.log [9681]
O44 - LFC:[MD5.AA2F4671A91DDD48C5F47C4E55D19177] - 04/03/2010 - 04:36:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1630196]
O44 - LFC:[MD5.6A4BC0CCF80D670EB8A67E32EA12D93F] - 04/03/2010 - 04:36:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [119544]
O44 - LFC:[MD5.5707800583E5A5A902E54BE98AB4E76C] - 04/03/2010 - 04:36:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [146936]
O44 - LFC:[MD5.39D54ABA7F6B6D9F9654CA731E4FD502] - 04/03/2010 - 04:36:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [640110]
O44 - LFC:[MD5.DFC3212AEC889045362F3E36315BAEBC] - 04/03/2010 - 04:36:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [731230]
O44 - LFC:[MD5.395B22A836F8FD8D8E32CD1B355D51D4] - 02/03/2010 - 16:30:12 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\mrt.exe [31648712]


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll


---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{6a24f1e7-05ee-11dd-b5db-00a0d166d0f6}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\PStart.exe (.not file.)


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.4 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\Policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "EnableShellExecuteHooks"=1


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 20:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 20:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 20:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 20:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.4E6294A06BE883C9BD685A8DFD9FCD4E] - 31/08/2006 - 16:53:00 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 20:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 20:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 20:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.8BE56F8300E1C37B578DA23C71816B7A] - 29/07/2008 - 05:05:04 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys
O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 25/11/2009 - 11:19:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys
O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 19:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 19:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 19:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 19:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 19:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 19:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 20:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 20:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.D00EEAE1CACD77A1A8396BBC19140BBA] - 19/01/2008 - 15:25:04 ---A- . (.Intel Corporation - Pilote NDIS 5.1 de la carte Intel(R) PRO/100.) -- C:\Windows\system32\drivers\e100b325.sys
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 18:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 20:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.CBC22823628544735625B280665E434E] - 20/11/2006 - 08:11:14 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 32-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 20:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 20:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.9378D57E2B96C0A185D844770AD49948] - 11/02/2008 - 19:36:10 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 20:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 20:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 20:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys
O58 - SDL:[MD5.1E0D65F7FFEB4E99B2EEC1CCB5754CC8] - 15/02/2006 - 04:50:52 ---A- . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) -- C:\Windows\system32\drivers\KR10I.sys
O58 - SDL:[MD5.0F9E83709CBB60B1549F3A65D0AB6E4F] - 15/02/2006 - 04:41:20 ---A- . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) -- C:\Windows\system32\drivers\KR10N.sys
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 20:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 20:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 20:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.B20F958B207E6AAAC5F70D04DD2C30D8] - 30/04/2009 - 22:55:34 ---A- . (.Logitech Inc. - Audio filter for Express Plus.) -- C:\Windows\system32\drivers\lv302af.sys
O58 - SDL:[MD5.DD184D9ADFE2A8A21741DBDFE9E22F5C] - 30/04/2009 - 22:55:58 ---A- . (.Logitech Inc. - Logitech Webcam Software Driver.) -- C:\Windows\system32\drivers\LV302V32.SYS
O58 - SDL:[MD5.87ECCE893D8AEC5A9337B917742D339C] - 30/04/2009 - 23:01:36 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys
O58 - SDL:[MD5.23F8EF78BB9553E465A476F3CEE5CA18] - 27/07/2008 - 02:26:20 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBSta.sys
O58 - SDL:[MD5.654A3F014903DC62CAF5E037F3D316D2] - 07/01/2010 - 16:07:04 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys
O58 - SDL:[MD5.C0D40BEAA6DFC05602FC8F484696F7F5] - 07/01/2010 - 16:07:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 20:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.BAFDD5E28BAEA99D7F4772AF2F5EC7EE] - 16/09/2009 - 10:22:48 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\system32\drivers\mfeavfk.sys
O58 - SDL:[MD5.1D003E3056A43D881597D6763E83B943] - 16/09/2009 - 10:22:48 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\Windows\system32\drivers\mfebopk.sys
O58 - SDL:[MD5.3F138A1C8A0659F329F242D1E389B2CF] - 16/09/2009 - 10:22:48 ---A- . (.McAfee, Inc. - Host Intrusion Detection Link Driver.) -- C:\Windows\system32\drivers\mfehidk.sys
O58 - SDL:[MD5.41FE2F288E05A6C8AB85DD56770FFBAD] - 16/09/2009 - 10:22:14 ---A- . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\Windows\system32\drivers\mferkdk.sys
O58 - SDL:[MD5.096B52EA918AA909BA5903D79E129005] - 16/09/2009 - 10:22:48 ---A- . (.McAfee, Inc. - System Monitor Filter Driver.) -- C:\Windows\system32\drivers\mfesmfk.sys
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 20:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys
O58 - SDL:[MD5.ACC6170D80C69E50145B370023B64ED3] - 30/10/2006 - 19:42:28 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\Windows\system32\drivers\NETw3v32.sys
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 20:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 18:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys
O58 - SDL:[MD5.B02587FA997723297384C95F424E78FA] - 08/12/2006 - 06:25:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 97.46.) -- C:\Windows\system32\drivers\nvlddmkm.sys
O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 20:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 20:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:[MD5.53B9C3E7131AFA9802725086A9453010] - 13/03/2010 - 05:38:54 ---A- . (.Tall Emu - OA Helper Driver.) -- C:\Windows\system32\drivers\OADriver.sys
O58 - SDL:[MD5.3F4F5FE43D28947570B75A589213F8AA] - 13/03/2010 - 05:39:10 ---A- . (.Tall Emu - TDI Helper Driver.) -- C:\Windows\system32\drivers\OAmon.sys
O58 - SDL:[MD5.940BFC9600ED518CBEA0BFA85CA8C389] - 13/03/2010 - 05:39:00 ---A- . (.Tall Emu Pty Ltd - OA Helper Driver.) -- C:\Windows\system32\drivers\OAnet.sys
O58 - SDL:[MD5.365622E1F0B6D5F9871D76E89BF0501A] - 17/06/2009 - 23:20:34 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\system32\drivers\psi_mf.sys
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 20:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 20:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:[MD5.2690BE9907B36B7C3EA2859C74926FA1] - 18/11/2006 - 03:06:36 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys
O58 - SDL:[MD5.72AECF54AAC22B20956D08610972B5A1] - 26/11/2009 - 00:25:27 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 17:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 20:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 20:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/05/2009 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 20:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 20:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 20:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys
O58 - SDL:[MD5.70534D1E4F9AC990536D5FB5B550B3DE] - 14/08/2008 - 10:40:40 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys
O58 - SDL:[MD5.1825BCEB47BF41C5A9F0E44DE82FC27A] - 18/10/2006 - 21:50:04 ---A- . (.TOSHIBA Corporation. - Toshiba ODD Writing Driver For x86..) -- C:\Windows\system32\drivers\tdcmdpst.sys
O58 - SDL:[MD5.F779BA4CD37963AB4600C9871B7752A3] - 06/07/2006 - 23:44:00 ---A- . (.Texas Instruments - tifm21.sys.) -- C:\Windows\system32\drivers\tifm21.sys
O58 - SDL:[MD5.EB2283C0A4DFBD2E53D14F2C4D5A1E89] - 24/12/2007 - 17:37:00 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\system32\drivers\tmcomm.sys
O58 - SDL:[MD5.5C4103544612E5011EF46301B93D1AA6] - 24/10/2006 - 02:32:20 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\system32\drivers\tosrfec.sys
O58 - SDL:[MD5.792A8B80F8188ABA4B2BE271583F3E46] - 09/11/2007 - 05:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 20:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 20:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 20:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys
O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 20:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 20:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 18:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS
O58 - SDL:[MD5.889E7F06279FD16549B77628918FF666] - 10/11/2006 - 14:38:24 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\athr.sys
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 18:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 18:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 18:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 18:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 18:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 18:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 18:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 18:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 18:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 18:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 18:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 18:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 18:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 18:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

re
part2/
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 27/03/2010 - 21:20:12 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcmscsvc\mcmscsvc000.log
O61 - LFC:Last File Created 28/03/2010 - 06:05:53 ---A- C:\Users\All Users\McAfee\VirusScan\Data\VMapLogs.old
O61 - LFC:Last File Created 28/03/2010 - 14:35:52 ---A- C:\Users\All Users\McAfee\MCLOGS\mcsmttsk\McUpdate\McUpdate000.log
O61 - LFC:Last File Created 28/03/2010 - 14:35:52 ---A- C:\Users\All Users\McAfee\MCLOGS\mcsmttsk\McUpdate\log.ini
O61 - LFC:Last File Created 28/03/2010 - 23:08:02 ---A- C:\Users\All Users\McAfee\MSC\Logs\{B69895F3-E430-42CF-8FE8-5B8C2638D3B7}.log
O61 - LFC:Last File Created 29/03/2010 - 07:53:12 ---A- C:\Users\All Users\McAfee\MCLOGS\SiteAdvisor\McSACore\McSACore000.log
O61 - LFC:Last File Created 29/03/2010 - 08:03:12 ---A- C:\Users\All Users\McAfee\MCLOGS\SiteAdvisor\McSACore\log.ini
O61 - LFC:Last File Created 29/03/2010 - 10:07:21 ---A- C:\Users\All Users\McAfee\MCLOGS\VirusScan\mcmscsvc\mcmscsvc000.log
O61 - LFC:Last File Created 29/03/2010 - 10:07:21 ---A- C:\Users\All Users\McAfee\MCLOGS\VirusScan\mcshield\mcshield000.log
O61 - LFC:Last File Created 29/03/2010 - 15:16:11 ---A- C:\Users\All Users\McAfee\MPF\data\logout.edb
O61 - LFC:Last File Created 29/03/2010 - 15:18:00 ---A- C:\Users\All Users\McAfee\MCLOGS\Anti-Spam\MskSrver\MskSrver000.log
O61 - LFC:Last File Created 29/03/2010 - 15:19:00 ----- C:\Users\All Users\McAfee\MSK\settingsdb.dat
O61 - LFC:Last File Created 29/03/2010 - 15:20:49 ---A- C:\Users\All Users\McAfee\MCLOGS\SiteAdvisor\McSACore\McSACore001.log
O61 - LFC:Last File Created 29/03/2010 - 15:20:54 ---A- C:\Users\All Users\McAfee\SiteAdvisor\SA.dat
O61 - LFC:Last File Created 29/03/2010 - 15:21:00 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcupdate\McUpdate001.log
O61 - LFC:Last File Created 29/03/2010 - 15:21:04 ---A- C:\Users\All Users\McAfee\VirusScan\Data\VMapLogs.log
O61 - LFC:Last File Created 29/03/2010 - 15:22:15 ---A- C:\Users\All Users\McAfee Security Scan\ftstate.ini
O61 - LFC:Last File Created 29/03/2010 - 15:22:46 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcuninst\mcuninst000.log
O61 - LFC:Last File Created 29/03/2010 - 15:22:48 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcsvrcnt\mcsvrcnt001.log
O61 - LFC:Last File Created 29/03/2010 - 15:22:48 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mvspost.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:22:49 ---A- C:\Users\All Users\McAfee\MCLOGS\mcsmttsk\McUpdate\McUpdate001.log
O61 - LFC:Last File Created 29/03/2010 - 15:22:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mvsctls.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:23 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mvsmisp.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:26 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\vso.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:26 ---A- C:\Users\All Users\McAfee\MCLOGS\VirusScan\mcinst\mcinst000.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:27 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\preinst.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:27 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\sysmon.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:28 ---A- C:\Users\All Users\McAfee\HackerWatch\data\HwShared.xdb
O61 - LFC:Last File Created 29/03/2010 - 15:23:28 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\oasbin.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:28 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\oasdrv.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:28 ---A- C:\Users\All Users\McAfee\MSC\Logs\Events.dat
O61 - LFC:Last File Created 29/03/2010 - 15:23:30 ---A- C:\Users\All Users\McAfee\MCLOGS\VirusScan\mcsysmon\mcsysmon000.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:30 ---A- C:\Users\All Users\McAfee\VirusScan\Logs\OAS.Log
O61 - LFC:Last File Created 29/03/2010 - 15:23:32 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcmscsvc\log.ini
O61 - LFC:Last File Created 29/03/2010 - 15:23:32 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcmscsvc\mcmscsvc001.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:34 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\vspost.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:35 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mvsmain.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:35 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\vsmain.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:36 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpfsbt.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:36 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpfuc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:36 ---A- C:\Users\All Users\McAfee\MSC\Logs\Settings.dat
O61 - LFC:Last File Created 29/03/2010 - 15:23:38 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpfdata.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:38 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpfmspli.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:39 ---A- C:\Users\All Users\McAfee\MCLOGS\MPF\MPFSrv\MPFSrv000.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:39 ---A- C:\Users\All Users\McAfee\MPF\data\History.dat
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\elist.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\ffplg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\ieplg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpfLD.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpfLI.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpfcore.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\sacomm.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\sacore.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\safeff.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:41 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\safeie.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:42 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\sachook.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:42 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\safelocalization.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:43 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\sac.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:43 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\sacimg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:44 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\msacmain.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:44 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskcmcnt.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:44 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskmisp.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:44 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskplg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:44 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskplg32.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:44 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskres.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:44 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\sacres.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:46 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\Delfolders004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:46 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\antphish.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:46 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpsmsppv.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:46 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskLD.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:46 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskli.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:46 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\msksrv.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:46 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mskuc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:47 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpsmisp.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:48 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpscfg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:48 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpscnfg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:48 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpscore.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:48 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpspost.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:49 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\hwapi.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:50 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\fwdrv.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\Keywords.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcproxy.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpsLD.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpsdeflt.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpshelp.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpsli.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpsres.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpssbt.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:23:51 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mpsuc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcnasvc\mcnasvc000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\MBKMAI~1.INF004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\instLD.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mbkcore.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mbkhlp.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mbkloc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mbkmainLD.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mbksbt.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\subst.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:01 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\substli.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:02 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcmscsvc\mcmscsvc002.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:02 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcnasvc\log.ini
O61 - LFC:Last File Created 29/03/2010 - 15:24:03 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\nmcres.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:04 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcsync\mcsync002.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:04 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\nmcclnt.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:05 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcnasvc\mcnasvc001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:05 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\nmcsrv.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:05 ---A- C:\Users\All Users\McAfee\MCLOGS\mcinfo\mcinfo001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:06 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mna.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:06 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\ndLI.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:06 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\nmcLI.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:06 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\nmcpre.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:06 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\nmcpstLI.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:06 ---A- C:\Users\All Users\McAfee\MCLOGS\McSync\mcsync000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:06 ---A- C:\Users\All Users\McAfee\MCLOGS\McSync\mcsync\mcsync000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:07 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcpins.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:07 ---A- C:\Users\Public\NTUSER.DAT
O61 - LFC:Last File Created 29/03/2010 - 15:24:07 --HA- C:\Users\Default\ntuser.dat.LOG1
O61 - LFC:Last File Created 29/03/2010 - 15:24:07 --HA- C:\Users\Public\NTUSER.DAT.LOG1
O61 - LFC:Last File Created 29/03/2010 - 15:24:07 -SHA- C:\Users\Default\NTUSER.DAT
O61 - LFC:Last File Created 29/03/2010 - 15:24:11 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcqc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:12 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcappins.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:12 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcpLI.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:12 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcshr.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:12 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcuc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:12 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mghtml.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:13 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcagent\mcagent000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:13 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\msclgmis.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:13 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscprmgr.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:13 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscuimgr.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:14 ---A- C:\Users\All Users\McAfee\MCLOGS\MISP\mcupdmgr\mcupdmgr002.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:14 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\msccfmgr.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:14 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscsvc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:14 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscupd.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:15 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcmispps.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:15 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscmisc.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:15 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscmnmgr.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:15 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscreg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:15 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscres.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:15 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscshll.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mccore.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\msccmn.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscpstLI.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscrem.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscsbt.inf000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscsbt.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\oemcfg.inf000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\oemcfg.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:16 ---A- C:\Users\All Users\McAfee\MCLOGS\McMSCIns\mcinst\mcinst000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:17 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcpld.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:17 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcqchelp.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:17 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcqcres.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:17 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcshrhelp.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:17 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcshrres.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:17 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mschelp.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:17 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\msclcres.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\Cleanup004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\Common004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\instLD.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcdspwrp.inf002.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mcsmtmsg.inf002.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscLD.inf000.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscdfoem.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscli.inf004.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\mscpstLD.inf001.log
O61 - LFC:Last File Created 29/03/2010 - 15:24:18 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\subst.inf002.log
O61 - LFC:Last File Created 29/03/2010 - 15:25:28 ---A- C:\Users\All Users\McAfee\MCLOGS\McUninst\mcuninst\mcuninst000.log
O61 - LFC:Last File Created 29/03/2010 - 15:25:29 ---A- C:\Users\All Users\McAfee\MCLOGS\McInst\Common000.log
O61 - LFC:Last File Created 29/03/2010 - 15:38:21 ---A- C:\Users\Chouquette\AppData\Roaming\Microsoft\IdentityCRL\Production\MetaConfig.xml
O61 - LFC:Last File Created 29/03/2010 - 19:14:23 ---A- C:\Users\All Users\OnlineArmor\dmphistm.dat
O61 - LFC:Last File Created 29/03/2010 - 19:14:23 ---A- C:\Users\All Users\OnlineArmor\dmphistm.dat.bak
O61 - LFC:Last File Created 29/03/2010 - 19:41:18 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\shared_dynco\dc.db
O61 - LFC:Last File Created 29/03/2010 - 19:41:18 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\shared_dynco\dc.db-journal
O61 - LFC:Last File Created 29/03/2010 - 19:41:20 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\dc.db-journal
O61 - LFC:Last File Created 29/03/2010 - 19:42:18 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\chatsync\02\0237024e9454ea51.dat
O61 - LFC:Last File Created 29/03/2010 - 19:42:41 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\shared.xml
O61 - LFC:Last File Created 29/03/2010 - 19:42:41 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\bistats.db
O61 - LFC:Last File Created 29/03/2010 - 19:42:41 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\bistats.db-journal
O61 - LFC:Last File Created 29/03/2010 - 19:42:41 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\config.xml
O61 - LFC:Last File Created 29/03/2010 - 19:42:41 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\httpfe\cookies.dat
O61 - LFC:Last File Created 29/03/2010 - 19:42:41 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\main.db
O61 - LFC:Last File Created 29/03/2010 - 19:42:41 ---A- C:\Users\Chouquette\AppData\Roaming\Skype\undaia2\main.db-journal
O61 - LFC:Last File Created 29/03/2010 - 19:57:39 --HA- C:\Users\Chouquette\AppData\Local\IconCache.db
O61 - LFC:Last File Created 29/03/2010 - 20:02:06 ---A- C:\Users\All Users\OnlineArmor\license.dat.bak
O61 - LFC:Last File Created 29/03/2010 - 20:07:59 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\news.txt
O61 - LFC:Last File Created 29/03/2010 - 20:08:28 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
O61 - LFC:Last File Created 29/03/2010 - 20:11:49 ---A- C:\Users\Chouquette\AppData\Roaming\GlarySoft\Glary Utilities\Backups\40266,8415417824
O61 - LFC:Last File Created 29/03/2010 - 20:11:49 ---A- C:\Users\Chouquette\AppData\Roaming\GlarySoft\Glary Utilities\Backups\index.ini
O61 - LFC:Last File Created 29/03/2010 - 20:17:21 ---A- C:\Users\Chouquette\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-03-29 (20-17-21).txt
O61 - LFC:Last File Created 29/03/2010 - 22:37:48 ---A- C:\Users\Chouquette\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog
O61 - LFC:Last File Created 30/03/2010 - 08:07:20 ---A- C:\Users\Chouquette\AppData\Local\Temp\Chouquette.bmp
O61 - LFC:Last File Created 30/03/2010 - 08:07:35 ---A- C:\Users\Chouquette\AppData\Local\Temp\wmplog00.sqm
O61 - LFC:Last File Created 30/03/2010 - 08:08:04 ---A- C:\Users\Chouquette\AppData\Local\Temp\AdobeARM.log
O61 - LFC:Last File Created 30/03/2010 - 08:08:25 ---A- C:\Users\Chouquette\AppData\Roaming\OnlineArmor\client.dat.bak
O61 - LFC:Last File Created 30/03/2010 - 08:11:54 ---A- C:\Users\Chouquette\AppData\Roaming\TeraCopy\FileList.dat
O61 - LFC:Last File Created 30/03/2010 - 08:11:59 ---A- C:\Users\Chouquette\AppData\Roaming\TeraCopy\Options.ini
O61 - LFC:Last File Created 30/03/2010 - 08:11:59 ---A- C:\Users\Chouquette\AppData\Roaming\TeraCopy\Transfer.log
O61 - LFC:Last File Created 30/03/2010 - 08:12:31 ---A- C:\Users\Chouquette\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)
O63 - Logiciel: RSIT - (random/random)


---\\ Observateur d'évènement d'application (OEA) (O66)
O66 - EventLog: ID=11316 (MsiInstaller) - (.Pas de propriétaire - Pas de description.) -- C:\Users
O66 - EventLog: ID=215 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\Users\Chouquette\AppData\Local\Microsoft\Windows Live Contacts\{b4339100-6365-469a-abba- (.not file.)
O66 - EventLog: ID=8193 (System Restore) - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation (.not file.)
O66 - EventLog: ID=8193 (System Restore) - (.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe -k netsvcs (.not file.)
O66 - EventLog: ID=11904 (MsiInstaller) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\McAfee\Supportability\MVT (.not file.)


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe



End of the scan (702 lines in 04mn 19s)

PS:
Tu constateras que j'ai tout sélectionné dans les options pour que tu ais tout sous les yeux, qui sait ça peu aider, je suis pas très expert pour mon age, hi hi hi!!!

Merci et à bientôt,

Tof.

Bonjour,

On est pas trop mal, il reste cependant 2-3 choses à nettoyer encore, rien de bien grave :

• Copie ces lignes ci dessous:

O44 - LFC:[MD5.D28941E199B70B92F1F9074844B2F0DC] - 30/03/2010 - 08:06:26 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O43 - CFD:Common File Directory ----D- C:\Program Files\BitLord
O44 - LFC:[MD5.1DE6F8D3DBEBD3E4259C44C382D584B2] - 29/03/2010 - 19:56:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\is-D9CIA.lst [166]
O44 - LFC:[MD5.32875A139451F412CE0CFEC4717C9780] - 29/03/2010 - 19:56:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\is-D9CIA.msg [13723]
O44 - LFC:[MD5.CE371DFAE6C572648DF9A7458BCDCC81] - 29/03/2010 - 19:56:42 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\is-D9CIA.exe [673280]

• Ouvre ZHPDiag, puis clique sur l'icône
  Si l'icône n'apparait pas, relance un scan avec ZHPDiag, à la fin du scan elle apparaitra
• Clique successivement sur l'icône ,pour effacer le rapport qui s'est affiché
• Clique ensuite sur pour coller la sélection
• Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre
• Clique sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.
• Clique sur "Tous" puis sur "Nettoyer".
  Si on te demande de redémarrer l'ordi pour achever le nettoyage, fais le immmédiatement.
• Copie/colle le rapport dans ton prochain post.

Remarque:Le rapport se situe aussi sous C:\Program Files\ZebHelpProcess\ZHPFixReport.txt


Dis moi comment se comporte ta machine maintenant?

A++

salut, je viens de faire ce que tu me demande et j'ai un message qui me dit: "impossible de créer le ...etc

que dois je faire?

et aussi à la fin du message il est dit "accès refusé"