PC restarts instead of shutting down...
Closed
A-M13
5 Dec 2008 at 22:39
12 replies
Anonymous user
5 Dec 2008 at 23:49
Try this:
open a text document and copy/paste this into it:
shutdown /s
then "save as" Stop.bat on the desktop and then double-click it
A-M13
6 Dec 2008 at 13:50
No, I already tried that, no difference.
Right after "Windows is shutting down" the blue screen appears.
In safe mode too.
I can't even do a system restore!
Anonymous user
6 Dec 2008 at 14:27
Worst case, for Virtumonde:
Show hidden files and folders …
To do this, go into a folder, e.g. "My Pictures".
Then click > Tools > Folder Options ...
click the "View" tab and ...
check ---> Show hidden files and folders
uncheck > Hide extensions for known file types
uncheck > Hide protected operating system files (Recommended).
"Apply" and "OK".
Download VirtumundoBeGone to your desktop: http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
Then double-click VirtumundoBeGone.exe and follow the on-screen instructions.
Once finished, restart your PC.
PS: Don't worry if you see a blue "Fatal error" screen, that's normal.
Post the report generated by VirtumundoBeGone ^^
A-M13
6 Dec 2008 at 15:20
https://i78.servimg.com/u/f78/11/18/61/05/erreur10.jpg
Same message in safe mode :/
Anonymous user
6 Dec 2008 at 15:51
Otherwise:
====================
Open this link and download ZHPDiag:
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Once the download has finished, unzip the file you obtained and place ZHPDiag.exe on your Desktop.
Double-click the icon to launch the program.
If you agree with the terms of the disclaimer, click Continue.
Check that the button in front of Last Files Created is ticked.
At the end of the scan, save the report by clicking Sauve.
Open the saved file with Notepad and copy its contents into your reply.
A-M13
6 Dec 2008 at 16:08
Rapport de ZHPDiag v1.16 par Nicolas Coolman
Enregistré le 06/12/2008 16:07:07
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.4)
---\\ Processus lancés
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\RaidTool\xInsIDE.exe
nwiz.exe
C:\WINDOWS\system32\xRaidSetup.exe
C:\Program Files\Boinc\boinctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Boinc\boinc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\regedt32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: 1 - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.10\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [boinctray] "C:\Program Files\Boinc\boinctray.exe"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files\Boinc\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized
O4 - HKLM\..\policies\Explorer: [NoRecentDocsHistory] Data="1"
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="60"
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Piratage de domaine (Lop.com) (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll
O20 - Winlogon Notify: rqVWahhy - C:\WINDOWS\System32\winzzd32.dll
O20 - AppInit_DLLs:CLKERN.DLL
---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BOINC (BOINC) - C:\Program Files\Boinc\boinc.exe" -daemon
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset Service (ekrn) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Eset Nod32 Boot (NOD32FiXTemDono) - C:\WINDOWS\system32\regedt32.exe /s C:\WINDOWS\nod32fixtemdono.reg
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag (O&O Defrag) - C:\WINDOWS\system32\oodag.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CmdLineExt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\d3d9caps.dat -->09/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\e751abd1-.txt -->30/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\ealregsnapshot1.reg -->10/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->10/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\fwapi.dll -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\HPPDEVX.DLL.log -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\ieframe.dll -->03/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\initdebug.nfo -->19/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\keystone.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\msxml3a.dll -->24/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\netapi32.dll -->15/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nv4_disp.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvappbar.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapps.nvb -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapps.xml -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcod.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcodins.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcolor.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpl.cpl -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcplui.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpluir.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcuda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdisp.nvu -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdisps.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdispsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdspsch.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvgames.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvgamesr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nview.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccsrs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccss.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccssr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmctray.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmobls.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmoblsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvnt4cpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvoglnt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvRegDev.dll -->27/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsar.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrscs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsde.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsel.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrseng.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrses.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsesm.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsfi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsfr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrshe.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrshu.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsit.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsja.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsko.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsnl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsno.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrspl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrspt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsptb.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsru.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssk.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssv.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsth.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrstr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrszhc.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrszht.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvshell.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvsvc32.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvtuicpl.cpl -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvudisp.exe -->17/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NVUNINST.EXE -->16/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvvitvs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvvitvsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwddi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwdmcpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwimg.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsar.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrscs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsde.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsel.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrseng.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrses.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsesm.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsfi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsfr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrshe.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrshu.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsit.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsja.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsko.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsnl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsno.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrspl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrspt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsptb.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsru.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssk.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssv.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsth.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrstr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrszhc.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrszht.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwss.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwssr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nwiz.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\oodbs.lor -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\pep.exe -->20/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\win32k.sys -->15/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\winzzd32.dll -->01/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\jraid.sys -->04/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\lnsfw.sys -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\lnsfw1.sys -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->03/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->03/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\nocashio.sys -->10/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\nv4_mini.sys -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\Rtenicxp.sys -->25/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->08/09/2008
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVP.EXE-0A47508B.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVP.EXE-3506226C.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINC.EXE-3591253A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINC.SCR-1E2EE401.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINCCMD.EXE-14E955C5.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINCMGR.EXE-1BDC5B97.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CALC.EXE-02A5B4B1.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHARMAP.EXE-38871DAF.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHKUPD.EXE-33FD45BA.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CSC.EXE-22F6101C.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CVTRES.EXE-1404C725.pf -->28/10/2012
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CVTRES.EXE-16681F8A.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DAEMON.EXE-3B58F055.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-00D65C08.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-01299854.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188868.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOREXTRADING.EXE-2166533F.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOREXTRADING.EXE-2C17FFDE.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOXITR~1.EXE-0BF42D29.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRWIN.EXE-109DFF51.pf -->28/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRWINHYPER.EXE-00D4CC70.pf -->28/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPER.EXE-0324EC74.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HJFGJFGJY.EXE-0F1FF487.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HPQUSGL.EXE-0EB3A1D2.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IDRIVER.EXE-1F02F4D6.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-0B1E86C7.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IZARC.EXE-09F422F3.pf -->22/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IZARC.EXE-0AF6D364.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MACONFSERVICE.EXE-264748AF.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MACONFSETUP.EXE-085B81E8.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0D37CDF0.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MEMTEST.EXE-20AD647A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSHTA.EXE-07121ECA.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIEXEC.EXE-330626DC.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-0EBDBC56.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OSE.EXE-2D1D1CBE.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PF-STUDIO.EXE-3742240E.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PIXIETOOL.EXE-01605E34.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALONEMESSAGECENTER.EXE-0418296D.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALPLAY.EXE-05411014.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALSCHED.EXE-388D7C2D.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-2AE3423E.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGISTRYEDITOR.EXE-2C2138DF.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RIGID BODIES.EXE-090F3269.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RM.EXE-05AD1F97.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RPHELPERAPP.EXE-10C6EAB7.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3CC54DC9.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D003ED7.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3DE4948B.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-40841306.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4183E418.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-41C4C933.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-488E2468.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C2E01B4.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4EE39BB6.pf -->21/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4F75FD80.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4FC90992.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5560CAC5.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5767BBC3.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5770272A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5F120771.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-60F0E1EC.pf -->21/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-624DFD1A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6350187E.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6550671A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-71A0A95B.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-738C31D1.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SDFILES.EXE-010A4312.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-DE.EXE-2E8A47AF.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-03CF74B3.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-07B9C91A.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-07C114D7.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-09C1F939.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-120E1974.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-15138DCA.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-1BD1B44C.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-207446D4.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-242BE737.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-2C9D5B66.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-FR.EXE-2CA99143.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP-GB.EXE-21CB1E88.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-023F5FA8.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-02E0D642.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-122D25C6.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-1C78CD9A.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-2281E940.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SNDVOL32.EXE-0EC6FD20.pf -->24/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\STARTUPMANAGER.EXE-2BE3A631.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\STUDIO.EXE-242587CE.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-2D5FBD18.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TASKMGR.EXE-06144C13.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\THUNDERBIRD.EXE-1BF62657.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TMFOREVER.EXE-0F069179.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TMFOREVERLAUNCHER.EXE-383F751A.pf -->29/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UMI.EXE-21660CC7.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNINSTALL.EXE-26024461.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-34F06558.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATER.EXE-2CCC6F78.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USNSVC.EXE-05B86444.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UTORRENT.EXE-01137797.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VC5.EXE-00E9A23C.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VIDEOENC.EXE-0B269240.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VLC.EXE-02F29DFD.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VT_KICKSTART.EXE-23A0B978.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WCG_BOINC_6.2.28_WINDOWS_INTE-221C329E.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WCG_FAAH_AUTODOCK_6.06_WINDOW-18DE128F.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WCG_FAAH_AUTODOCK_6.06_WINDOW-2B41833B.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WCG_HPF2_ROSETTA_6.03_WINDOWS-2DE606CA.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WCG_RICE_6.17_WINDOWS_INTELX8-06BCE8E9.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WCG_RICE_6.17_WINDOWS_INTELX8-37966D6B.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINWORD.EXE-15ED065E.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIADAP.EXE-32F99497.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMPLAYER.EXE-1ACCF80B.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-0B14C27D.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\X-VIDEO-CONVERTER-ULTIMATE.EX-046DD9A3.pf -->19/11/2008
End of the scan:
Rapport de ZHPDiag v1.16 par Nicolas Coolman
Enregistré le 06/12/2008 16:07:07
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.4)
---\\ Processus lancés
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\RaidTool\xInsIDE.exe
nwiz.exe
C:\WINDOWS\system32\xRaidSetup.exe
C:\Program Files\Boinc\boinctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Boinc\boinc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\regedt32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: 1 - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.10\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [boinctray] "C:\Program Files\Boinc\boinctray.exe"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files\Boinc\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized
O4 - HKLM\..\policies\Explorer: [NoRecentDocsHistory] Data="1"
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="60"
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Piratage de domaine (Lop.com) (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll
O20 - Winlogon Notify: rqVWahhy - C:\WINDOWS\System32\winzzd32.dll
O20 - AppInit_DLLs:CLKERN.DLL
---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BOINC (BOINC) - C:\Program Files\Boinc\boinc.exe" -daemon
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset Service (ekrn) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Eset Nod32 Boot (NOD32FiXTemDono) - C:\WINDOWS\system32\regedt32.exe /s C:\WINDOWS\nod32fixtemdono.reg
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag (O&O Defrag) - C:\WINDOWS\system32\oodag.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CmdLineExt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\d3d9caps.dat -->09/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\e751abd1-.txt -->30/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\ealregsnapshot1.reg -->10/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->10/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\fwapi.dll -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\HPPDEVX.DLL.log -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\ieframe.dll -->03/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\initdebug.nfo -->19/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\keystone.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\msxml3a.dll -->24/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\netapi32.dll -->15/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nv4_disp.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvappbar.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapps.nvb -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapps.xml -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcod.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcodins.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcolor.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpl.cpl -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcplui.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpluir.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcuda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdisp.nvu -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdisps.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdispsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdspsch.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvgames.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvgamesr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nview.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccsrs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccss.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccssr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmctray.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmobls.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmoblsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvnt4cpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvoglnt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvRegDev.dll -->27/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsar.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrscs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsde.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsel.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrseng.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrses.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsesm.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsfi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsfr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrshe.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrshu.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsit.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsja.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsko.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsnl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsno.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrspl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrspt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsptb.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsru.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssk.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssv.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsth.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrstr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrszhc.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrszht.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvshell.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvsvc32.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvtuicpl.cpl -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvudisp.exe -->17/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NVUNINST.EXE -->16/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvvitvs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvvitvsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwddi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwdmcpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwimg.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsar.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrscs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsde.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsel.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrseng.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrses.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsesm.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsfi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsfr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrshe.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrshu.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsit.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsja.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsko.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsnl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsno.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrspl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrspt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsptb.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsru.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssk.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssv.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsth.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrstr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrszhc.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrszht.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwss.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwssr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nwiz.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\oodbs.lor -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\pep.exe -->20/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\win32k.sys -->15/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\winzzd32.dll -->01/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\jraid.sys -->04/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\lnsfw.sys -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\lnsfw1.sys -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->03/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->03/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\nocashio.sys -->10/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\nv4_mini.sys -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\Rtenicxp.sys -->25/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->08/09/2008
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVP.EXE-0A47508B.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVP.EXE-3506226C.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINC.EXE-3591253A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINC.SCR-1E2EE401.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINCCMD.EXE-14E955C5.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINCMGR.EXE-1BDC5B97.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CALC.EXE-02A5B4B1.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHARMAP.EXE-38871DAF.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHKUPD.EXE-33FD45BA.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CSC.EXE-22F6101C.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CVTRES.EXE-1404C725.pf -->28/10/2012
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CVTRES.EXE-16681F8A.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DAEMON.EXE-3B58F055.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-00D65C08.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-01299854.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188868.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOREXTRADING.EXE-2166533F.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOREXTRADING.EXE-2C17FFDE.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOXITR~1.EXE-0BF42D29.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRWIN.EXE-109DFF51.pf -->28/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRWINHYPER.EXE-00D4CC70.pf -->28/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPER.EXE-0324EC74.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HJFGJFGJY.EXE-0F1FF487.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HPQUSGL.EXE-0EB3A1D2.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IDRIVER.EXE-1F02F4D6.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-0B1E86C7.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IZARC.EXE-09F422F3.pf -->22/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IZARC.EXE-0AF6D364.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MACONFSERVICE.EXE-264748AF.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MACONFSETUP.EXE-085B81E8.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0D37CDF0.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MEMTEST.EXE-20AD647A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSHTA.EXE-07121ECA.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIEXEC.EXE-330626DC.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-0EBDBC56.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OSE.EXE-2D1D1CBE.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PF-STUDIO.EXE-3742240E.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PIXIETOOL.EXE-01605E34.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALONEMESSAGECENTER.EXE-0418296D.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALPLAY.EXE-05411014.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALSCHED.EXE-388D7C2D.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-2AE3423E.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGISTRYEDITOR.EXE-2C2138DF.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RIGID BODIES.EXE-090F3269.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RM.EXE-05AD1F97.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RPHELPERAPP.EXE-10C6EAB7.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3CC54DC9.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D003ED7.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3DE4948B.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-40841306.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4183E418.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-41C4C933.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-488E2468.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C2E01B4.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4EE39BB6.pf -->21/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4F75FD80.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\R
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files\Boinc\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized
O4 - HKLM\..\policies\Explorer: [NoRecentDocsHistory] Data="1"
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="60"
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Piratage de domaine (Lop.com) (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll
O20 - Winlogon Notify: rqVWahhy - C:\WINDOWS\System32\winzzd32.dll
O20 - AppInit_DLLs:CLKERN.DLL
---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BOINC (BOINC) - C:\Program Files\Boinc\boinc.exe" -daemon
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset Service (ekrn) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Eset Nod32 Boot (NOD32FiXTemDono) - C:\WINDOWS\system32\regedt32.exe /s C:\WINDOWS\nod32fixtemdono.reg
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag (O&O Defrag) - C:\WINDOWS\system32\oodag.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
End of the scan:
Rapport de ZHPDiag v1.16 par Nicolas Coolman
Enregistré le 06/12/2008 16:07:07
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.4)
---\\ Processus lancés
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\RaidTool\xInsIDE.exe
nwiz.exe
C:\WINDOWS\system32\xRaidSetup.exe
C:\Program Files\Boinc\boinctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Boinc\boinc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\regedt32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: 1 - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.10\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [boinctray] "C:\Program Files\Boinc\boinctray.exe"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files\Boinc\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized
O4 - HKLM\..\policies\Explorer: [NoRecentDocsHistory] Data="1"
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="60"
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
---\\ Piratage de domaine (Lop.com) (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{43522B15-DEC2-4264-B003-9218688D7960}: 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8BB8A094-97B8-4D21-9F57-88442E49673D}: 80.10.246.2,80.10.246.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{FD3F89E7-CE8A-4D3B-B23A-DC5D8A51B8FD}: 192.168.1.1
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
---\\ Valeur de registre AppInit_DLLs et sous-clés Winlogon Notify (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll
O20 - Winlogon Notify: rqVWahhy - C:\WINDOWS\System32\winzzd32.dll
O20 - AppInit_DLLs:CLKERN.DLL
---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BOINC (BOINC) - C:\Program Files\Boinc\boinc.exe" -daemon
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset Service (ekrn) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU (NMSAccessU) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Eset Nod32 Boot (NOD32FiXTemDono) - C:\WINDOWS\system32\regedt32.exe /s C:\WINDOWS\nod32fixtemdono.reg
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag (O&O Defrag) - C:\WINDOWS\system32\oodag.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\CmdLineExt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\d3d9caps.dat -->09/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\e751abd1-.txt -->30/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\ealregsnapshot1.reg -->10/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->10/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\fwapi.dll -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\HPPDEVX.DLL.log -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\ieframe.dll -->03/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\initdebug.nfo -->19/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\keystone.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\msxml3a.dll -->24/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\netapi32.dll -->15/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nv4_disp.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvappbar.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapps.nvb -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapps.xml -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcod.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcodins.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcolor.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpl.cpl -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcplui.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcpluir.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvcuda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdisp.nvu -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdisps.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdispsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvdspsch.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvgames.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvgamesr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nview.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccsrs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccss.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmccssr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmctray.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmobls.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvmoblsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvnt4cpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvoglnt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvRegDev.dll -->27/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsar.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrscs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsde.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsel.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrseng.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrses.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsesm.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsfi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsfr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrshe.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrshu.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsit.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsja.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsko.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsnl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsno.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrspl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrspt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsptb.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsru.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssk.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrssv.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrsth.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrstr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrszhc.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvrszht.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvshell.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvsvc32.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvtuicpl.cpl -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvudisp.exe -->17/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\NVUNINST.EXE -->16/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvvitvs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvvitvsr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwddi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwdmcpl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwimg.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsar.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrscs.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsda.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsde.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsel.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrseng.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrses.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsesm.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsfi.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsfr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrshe.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrshu.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsit.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsja.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsko.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsnl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsno.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrspl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrspt.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsptb.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsru.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssk.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssl.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrssv.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrsth.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrstr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrszhc.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwrszht.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwss.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvwssr.dll -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\nwiz.exe -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\oodbs.lor -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\pep.exe -->20/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\win32k.sys -->15/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\winzzd32.dll -->01/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->06/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\jraid.sys -->04/11/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\lnsfw.sys -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\lnsfw1.sys -->04/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->03/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->03/12/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\nocashio.sys -->10/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\nv4_mini.sys -->07/10/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\Rtenicxp.sys -->25/09/2008
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\srv.sys -->08/09/2008
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVP.EXE-0A47508B.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVP.EXE-3506226C.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINC.EXE-3591253A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINC.SCR-1E2EE401.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINCCMD.EXE-14E955C5.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BOINCMGR.EXE-1BDC5B97.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CALC.EXE-02A5B4B1.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHARMAP.EXE-38871DAF.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CHKUPD.EXE-33FD45BA.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CSC.EXE-22F6101C.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CVTRES.EXE-1404C725.pf -->28/10/2012
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CVTRES.EXE-16681F8A.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DAEMON.EXE-3B58F055.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-00D65C08.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EMULE.EXE-01299854.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188868.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOREXTRADING.EXE-2166533F.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOREXTRADING.EXE-2C17FFDE.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FOXITR~1.EXE-0BF42D29.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRWIN.EXE-109DFF51.pf -->28/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRWINHYPER.EXE-00D4CC70.pf -->28/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPER.EXE-0324EC74.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HJFGJFGJY.EXE-0F1FF487.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HPQUSGL.EXE-0EB3A1D2.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IDRIVER.EXE-1F02F4D6.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INTEGRATOR.EXE-0B1E86C7.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IZARC.EXE-09F422F3.pf -->22/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IZARC.EXE-0AF6D364.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MACONFSERVICE.EXE-264748AF.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MACONFSETUP.EXE-085B81E8.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-0D37CDF0.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MEMTEST.EXE-20AD647A.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSHTA.EXE-07121ECA.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIEXEC.EXE-330626DC.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-0EBDBC56.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OSE.EXE-2D1D1CBE.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PF-STUDIO.EXE-3742240E.pf -->06/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\PIXIETOOL.EXE-01605E34.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALONEMESSAGECENTER.EXE-0418296D.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALPLAY.EXE-05411014.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REALSCHED.EXE-388D7C2D.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-2AE3423E.pf -->04/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGISTRYEDITOR.EXE-2C2138DF.pf -->03/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RIGID BODIES.EXE-090F3269.pf -->15/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RM.EXE-05AD1F97.pf -->09/11/2099
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RPHELPERAPP.EXE-10C6EAB7.pf -->17/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3CC54DC9.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D003ED7.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3DE4948B.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-40841306.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4183E418.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-41C4C933.pf -->01/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-488E2468.pf -->05/12/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C2E01B4.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4EE39BB6.pf -->21/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4F75FD80.pf -->19/11/2008
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\R
A-M13
6 Dec 2008 at 16:14
For some time now, the computer has also been showing blue screens at random under Windows...
I think I have found the source of the problem:
http://www.skreo.net/article-2906-270551-les-virus-debarquent-sur-facebook.html
I tried the link shown in the article's image to see whether it really was a virus. I scanned it with several programs, they found nothing, and of course I ran the program (what an idiot...).
An Internet Explorer window opened with an animated GIF of a girl saying "have a nice week end". In my opinion that is where the VirtuMonde in question comes from.
It is also since around then that I have been getting these blue screens, I believe.
Anonymous user
6 Dec 2008 at 16:38
Download FindyKill to your desktop:
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
--> Run the installation with the default settings
--> Right-click the FindyKill shortcut on your desktop
--> Choose "Run as administrator"
--> In the main menu, choose option 1 (Recherche)
--> Post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the disk
A-M13
6 Dec 2008 at 16:53
----------------- FindyKill V4.706 ------------------
* User : MERINO - DANIEL-F2379317
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 27/11/08 par Chiquitine29
* Recherche effectuée à 16:43:00 le 06/12/2008
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Boinc\boinctray.exe
C:\Program Files\Boinc\boincmgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bill2's Process Manager\ProcessManager.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Boinc\boinc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\MERINO\Application Data
»»»» Presence des fichiers dans C:\DOCUME~1\MERINO\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\MERINO\Local Settings\Temporary Internet Files\Content.IE5
Found ! [18/10/2008 19:18] - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\945ACE8901C1AA607B64E1DAB6CE7EB4_Skins%5cAny%5cAdvertisement%5c%24999TMC%5cd_s_right1.jpg
Found ! [18/10/2008 19:18] - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\945ACE8901C1AA607B64E1DAB6CE7EB4_Skins%5cAny%5cAdvertisement%5c%24999TMC%5cd_s_right1.jpg.loc
Found ! [31/10/2008 16:05] - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\BFF6C7439EBA8436ABB649927FE56F86_Skins%5cAny%5cAdvertisement%5c1896.jpg
Found ! [31/10/2008 16:06] - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\BFF6C7439EBA8436ABB649927FE56F86_Skins%5cAny%5cAdvertisement%5c1896.jpg.loc
Found ! [09/04/2008 17:25] - C:\Documents and Settings\All Users\Application Data\TrackMania United\Cache\1B7C6BBB643147767CBF61E712520564_www.maniazones.com%5cimages%5cicons%5cleagues%5cCentre.jpg
Found ! [09/04/2008 19:45] - C:\Documents and Settings\All Users\Application Data\TrackMania United\Cache\9E0D4D1A57F92775C4D07A0FB6478D55_Skins%5cAny%5cAdvertisement%5ctogstadium_1_5.jpg
Found ! [09/04/2008 19:45] - C:\Documents and Settings\All Users\Application Data\TrackMania United\Cache\9E0D4D1A57F92775C4D07A0FB6478D55_Skins%5cAny%5cAdvertisement%5ctogstadium_1_5.jpg.loc
--------------- [ Registre / Startup ] ----------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
ProcessManager=C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SoundMAXPnP=C:\Program Files\Analog Devices\Core\smax4pnp.exe
SoundMAX="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
JMB36X IDE Setup=C:\WINDOWS\RaidTool\xInsIDE.exe
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
ToolBoxFX="C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
nwiz=nwiz.exe /install
RivaTunerStartupDaemon="C:\Program Files\RivaTuner v2.10\RivaTuner.exe" /S
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
36X Raid Configurer=C:\WINDOWS\system32\xRaidSetup.exe boot
boinctray="C:\Program Files\Boinc\boinctray.exe"
boincmgr="C:\Program Files\Boinc\boincmgr.exe" /a /s
egui="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
Look 'n' Stop="C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
[HKEY_CURRENT_USER\software\local appwizard-generated applications\ColdFear]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Jeu de Dames]
--------------- [ Registre / Clés infectieuses ] ----------------
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
Ndisuio - Type de démarrage = 3
EapHost - Type de démarrage = 3
Ip6Fw - Type de démarrage = 3
SharedAccess - Type de démarrage = 2
/!\ wuauserv - Type de démarrage = 4
wscsvc - Type de démarrage = 2
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
F: - Lecteur fixe
I: - Lecteur amovible
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa91df53-4fe6-11dc-bc6c-001bfc7760ff}\Shell\AutoRun\command
------------------- ! Fin du rapport ! --------------------
Anonymous user
6 Dec 2008 at 17:31
Connect your external storage devices (USB stick, external hard drive, etc.) that may have been infected to your PC, without opening them.
--> Right-click the FindyKill shortcut on your desktop
--> Choose "Run as administrator"
--> In the main menu, choose option 2 (Deletion)
/!\ There will be 2 restarts; let the tool work until the message "nettoyage effectué" (cleaning done) appears
/!\ Do not use the PC during the deletion; your desktop will not be accessible, that is normal!
-------> Then post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the disk
A-M13
7 Dec 2008 at 10:25
----------------- FindyKill V4.706 ------------------
* User : MERINO - DANIEL-F2379317
* executed from : C:\Program Files\FindyKill
* Update on 27/11/08 par Chiquitine29
* Start at 10:12:18 the 07/12/2008
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Boinc\boinc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\MERINO\Application Data
»»»» Supression files in C:\DOCUME~1\MERINO\LOCALS~1\Temp
»»»» Supression files in C:\Documents and Settings\MERINO\Local Settings\Temporary Internet Files\Content.IE5
Deleted ! - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\945ACE8901C1AA607B64E1DAB6CE7EB4_Skins%5cAny%5cAdvertisement%5c%24999TMC%5cd_s_right1.jpg
Deleted ! - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\945ACE8901C1AA607B64E1DAB6CE7EB4_Skins%5cAny%5cAdvertisement%5c%24999TMC%5cd_s_right1.jpg.loc
Deleted ! - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\BFF6C7439EBA8436ABB649927FE56F86_Skins%5cAny%5cAdvertisement%5c1896.jpg
Deleted ! - C:\Documents and Settings\All Users\Application Data\TrackMania\Cache\BFF6C7439EBA8436ABB649927FE56F86_Skins%5cAny%5cAdvertisement%5c1896.jpg.loc
Deleted ! - C:\Documents and Settings\All Users\Application Data\TrackMania United\Cache\1B7C6BBB643147767CBF61E712520564_www.maniazones.com%5cimages%5cicons%5cleagues%5cCentre.jpg
Deleted ! - C:\Documents and Settings\All Users\Application Data\TrackMania United\Cache\9E0D4D1A57F92775C4D07A0FB6478D55_Skins%5cAny%5cAdvertisement%5ctogstadium_1_5.jpg
Deleted ! - C:\Documents and Settings\All Users\Application Data\TrackMania United\Cache\9E0D4D1A57F92775C4D07A0FB6478D55_Skins%5cAny%5cAdvertisement%5ctogstadium_1_5.jpg.loc
--------------- [ Registry / Infected keys ] ----------------
--------------- [ States / Restarting of services ] ----------------
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
EapHost - Type of startup = 2
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
E: - Lecteur fixe
G: - Lecteur fixe
H: - Lecteur amovible
I: - Lecteur fixe
J: - Lecteur amovible
+- deleting files :
--------------- [ Registry / Mountpoint2 ] ----------------
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aa91df53-4fe6-11dc-bc6c-001bfc7760ff}\Shell\AutoRun\command
--------------- [ Searching Cracks / Keygen ] ----------------
[ I'd rather not show them... =P ]
---------------- ! End of report ! ------------------
There was an external drive F:\ but right in the middle of the deletion step I got a lovely message "L'écriture décalée a échoué" (delayed write failed). I think the partition has been damaged :S
Anonymous user
9 Dec 2008 at 23:31
--------------- [ Searching Cracks / Keygen ] ----------------
[ I'd rather not show them... =P ]
Well, goodbye then..... in that case you just have to delete them ........... when you want help, the reports must be complete!
A-M13
10 Dec 2008 at 14:02
I'm not showing them because not everyone needs to know whether or not I had cracks on my PC... I have these files on other computers, and they have no problems.
Sorry, I wasn't expecting a reaction like that; I would have sent you the report by PM.
I formatted, but I do want to thank you for your help.