Rebonjour,
Je n'ai pas eu de demande de scan compémentaire.
Voici le fichier DDS.txt:
DDS (Ver_10-03-17.01) - NTFSX64
Run by Claude et Nadine at 12:34:21.80 on 23.04.2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Professionnel 6.1.7600.0.1252.41.1036.18.4030.2705 [GMT 2:00]
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\C-CHANNEL\PayPen\PayPen.exe
D:\Program Files\Sony\VolumeWatcher\SPUVolumeWatcher.exe
D:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\HipServ Desktop Applications\HipServAgent\HipServAgent.exe
D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
D:\Program Files\HipServ Desktop Applications\DesktopMirror\HipServDesktopMirror.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
D:\Program Files\C-CHANNEL\PayPen\CPenDesk.exe
C:\Windows\system32\wbem\wmiprvse.exe
D:\Program Files\C-CHANNEL\PayPen\CPenOCR.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\splwow64.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Claude et Nadine\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
hxxp://www.google.comuStart Page =
hxxp://www.romandie.com/news/uSearch Bar =
hxxp://www.google.com/ieuDefault_Search_URL =
hxxp://www.google.com/iemLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
hxxp://www.google.com/ieuSearchURL,(Default) =
hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre1.5.0_10\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [UBSShell] d:\program files\ubs e-banking\ubs shell\UBSShell.exe Hidden
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AdobeBridge]
mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min
mRun: [HipServ Agent] d:\program files\hipserv desktop applications\hipservagent\HipServAgent.exe
mRun: [AdobeCS4ServiceManager] "c:\program files (x86)\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe_ID0ENQBO] c:\progra~2\common~1\adobe\adobev~2\server\bin\VERSIO~2.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "d:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "d:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [QuickTime Task] "d:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "d:\program files (x86)\itunes\iTunesHelper.exe"
StartupFolder: c:\users\claude~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\outild~1.lnk - d:\program files\sony\volumewatcher\SPUVolumeWatcher.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\c-chan~1.lnk - d:\program files\c-channel\onlineupdate\PeOnlineUpdate.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logite~1.lnk - d:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\paypen.lnk - d:\program files\c-channel\paypen\PayPen.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter au fichier PDF existant - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir au format PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir la cible du lien en Adobe PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir la cible du lien en un fichier PDF existant - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporter vers Microsoft Excel - d:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Ouvrir une image dans PhotoME... - d:\program files\photome\photome\iemenuext.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC} - c:\program files (x86)\java\jre1.5.0_10\bin\npjpi150_10.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~2\micros~1\office12\REFIEBAR.DLL
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} -
hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -
hxxp://fpdownload2.macromedia.com/get/s ... wflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: {49D825BC-1508-45D4-AAD9-2BFC8BBB5043} = 8.8.4.4,195.186.1.111,195.186.4.111,156.154.71.1
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun-x64: [CanonSolutionMenu] c:\program files (x86)\canon\solutionmenu\CNSLMAIN.exe /logon
mRun-x64: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun-x64: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
Hosts: 192.168.1.2 printserver
Hosts: 192.168.1.2 Printserver
Hosts: 192.168.1.245 Accesspoint
Hosts: 192.168.1.245 accesspoint
Hosts: 192.168.1.5 cnzell1
Note: multiple HOSTS entries found. Please refer to Attach.txt
================= FIREFOX ===================
FF - ProfilePath - c:\users\claude~1\appdata\roaming\mozilla\firefox\profiles\5ns3vj8c.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.romandie.com/news/FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\java\jre1.5.0_10\bin\NPJPI150_10.dll
FF - plugin: d:\program files (x86)\itunes\mozilla plugins\npitunes.dll
FF - plugin: d:\program files (x86)\quicktime\plugins\npqtplugin.dll
FF - plugin: d:\program files (x86)\quicktime\plugins\npqtplugin2.dll
FF - plugin: d:\program files (x86)\quicktime\plugins\npqtplugin3.dll
FF - plugin: d:\program files (x86)\quicktime\plugins\npqtplugin4.dll
FF - plugin: d:\program files (x86)\quicktime\plugins\npqtplugin5.dll
FF - plugin: d:\program files (x86)\quicktime\plugins\npqtplugin6.dll
FF - plugin: d:\program files (x86)\quicktime\plugins\npqtplugin7.dll
FF - plugin: d:\program files\google\picasa3\npPicasa2.dll
FF - plugin: d:\program files\google\picasa3\npPicasa3.dll
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
d:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
d:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
d:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\avira\antivir desktop\sched.exe [2010-1-9 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files (x86)\avira\antivir desktop\avguard.exe [2010-1-9 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-1-9 74880]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\common files\magix services\database\bin\FABS.exe [2009-8-27 1253376]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB64.sys [2009-6-10 1627520]
S2 gupdate;Service Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-2-13 135664]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\common files\magix services\database\bin\fbserver.exe [2008-8-7 3276800]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\common files\macrovision shared\flexnet publisher\FNPLicensingService64.exe [2010-2-27 1038088]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2009-6-17 74256]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2009-6-17 13328]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl64.sys [2009-8-28 21504]
S3 PayPen;PayPen;c:\windows\system32\drivers\PayPen.sys [2008-1-14 20840]
S3 StorSvc;Service de stockage;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-10-16 50176]
============== File Associations ===============
.txt=
=============== Created Last 30 ================
2010-04-22 19:03:38 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidEqd_01005.Wdf
2010-04-22 19:03:35 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LEqdUsb_01005.Wdf
2010-04-22 18:18:29 0 d-----w- c:\users\claude~1\appdata\roaming\Souptoys
2010-04-22 18:18:29 0 d-----w- c:\programdata\Souptoys
2010-04-22 18:18:18 0 d-----w- c:\programdata\Souptoys2
2010-04-20 11:08:29 0 d-----w- c:\users\claude~1\appdata\roaming\KeePass
2010-04-16 17:24:27 455680 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-16 17:24:18 0 d-----w- c:\program files\Java
2010-04-15 11:51:03 612352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-15 11:51:03 427520 ----a-w- c:\windows\syswow64\vbscript.dll
2010-04-15 11:50:34 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-15 11:50:34 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-15 11:50:34 125952 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-15 11:50:07 5509008 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-15 11:50:07 3954568 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
2010-04-15 11:50:07 3899280 ----a-w- c:\windows\syswow64\ntoskrnl.exe
2010-04-14 16:25:09 220672 ----a-w- c:\windows\system32\wintrust.dll
2010-04-14 16:25:09 139264 ----a-w- c:\windows\system32\cabview.dll
2010-04-14 16:25:09 132608 ----a-w- c:\windows\syswow64\cabview.dll
2010-04-14 16:25:08 172032 ----a-w- c:\windows\syswow64\wintrust.dll
2010-04-11 20:11:34 53346 ----a-w- c:\windows\syswow64\javaw.exe
2010-04-11 20:11:34 49265 ----a-w- c:\windows\syswow64\jpicpl32.cpl
2010-04-11 20:11:34 49248 ----a-w- c:\windows\syswow64\java.exe
2010-04-11 20:11:34 127078 ----a-w- c:\windows\syswow64\javaws.exe
2010-04-04 08:20:54 0 d-----w- c:\program files\iPod
2010-04-04 08:20:53 0 d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-04-04 08:20:53 0 d-----w- c:\program files\iTunes
2010-04-04 08:18:58 0 d-----w- c:\program files\Bonjour
2010-04-04 08:18:58 0 d-----w- c:\program files (x86)\Bonjour
2010-04-03 15:04:03 0 d-----w- c:\users\claude~1\appdata\roaming\PandoraRecovery
2010-04-02 17:17:46 0 d-----w- c:\program files (x86)\MAGIX
2010-04-02 17:17:27 0 d-----w- c:\program files (x86)\common files\MAGIX Services
2010-03-24 17:05:50 294912 ----a-w- c:\windows\system32\browserchoice.exe
==================== Find3M ====================
2010-04-23 10:30:50 694766 ----a-w- c:\windows\system32\perfh00C.dat
2010-04-23 10:30:50 127478 ----a-w- c:\windows\system32\perfc00C.dat
2010-03-29 22:45:56 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-24 08:16:06 212864 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 08:22:50 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 07:56:00 977920 ----a-w- c:\windows\syswow64\wininet.dll
2010-02-23 07:55:56 1225216 ----a-w- c:\windows\syswow64\urlmon.dll
2010-02-23 07:55:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-02-23 07:55:43 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-02-23 07:55:43 5964800 ----a-w- c:\windows\syswow64\mshtml.dll
2010-02-23 07:55:24 10978816 ----a-w- c:\windows\syswow64\ieframe.dll
2010-02-23 07:55:20 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-02-19 23:47:50 3604480 ----a-w- c:\windows\syswow64\GPhotos.scr
2010-02-12 10:01:24 95520 ----a-w- c:\windows\system32\dnssd.dll
2010-02-12 10:01:24 119584 ----a-w- c:\windows\system32\dns-sd.exe
2010-02-12 09:46:14 91424 ----a-w- c:\windows\syswow64\dnssd.dll
2010-02-12 09:46:14 107808 ----a-w- c:\windows\syswow64\dns-sd.exe
2010-02-02 08:36:47 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\syswow64\tzres.dll
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfd.dat
2009-07-14 15:24:01 38160 ----a-w- c:\windows\inf\perflib\040c\perfc.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfi.dat
2009-07-14 15:24:01 344522 ----a-w- c:\windows\inf\perflib\040c\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2010-01-17 15:48:56 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 12:34:48.25 ===============
Atteindre le savoir, c'est reconnaître le gouffre de son ignorance.