Bonjour, oui vous avez raison c'était ceux d'hier...
je vous envoie les bons, sinon par rapport à hier j'ai enlevé le programme sdfix (j ai suivi votre conseils) et j'ai installé zone alarm
Au niveau
du PC il fonctionne normallment, j'ai relancé un scan, avec AVG il a retrouve un virus .D'ailleurs il ya pas mal de petits suspects programmes en .exe (en C/USERS/JEAN MARC/APPLICATIONS DATA/ROAMING OU LOCAL) je n'arrive d'ailleurs pas a les supprimer, j'ai l'impression qu'il reviennent
OTListIt logfile created on: 12/10/2008 13:32:17 - Run 3
OTListIt by OldTimer - Version 1.0.7.0 Folder = C:\Users\Jean-Marc\Desktop
Windows Vista (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1013,50 Mb Total Physical Memory | 226,88 Mb Available Physical Memory | 22,39% Memory free
2,24 Gb Paging File | 1,29 Gb Available in Paging File | 57,63% Paging File free
Paging file location(s): ?:\pagefile.sys;
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,62 Gb Total Space | 13,20 Gb Free Space | 12,38% Space Free | Partition Type: NTFS
Drive D: | 5,16 Gb Total Space | 1,22 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
Drive E: | 553,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 968,25 Mb Total Space | 681,83 Mb Free Space | 70,42% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-JEAN-MARC
Current User Name: Jean-Marc
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ==========
[2006/11/02 11:45:57 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2006/11/02 11:45:21 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2007/07/16 06:53:49 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2008/03/03 15:05:02 | 00,079,400 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
[2006/11/02 11:45:04 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2008/10/10 08:50:29 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/10/06 23:17:07 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2006/11/24 16:34:16 | 00,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
[2006/10/19 14:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2006/08/04 03:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
[2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
[2006/11/02 11:46:02 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
[2006/11/24 16:34:20 | 00,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
[2008/10/06 23:17:10 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
[2008/10/06 23:17:09 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/04/11 23:08:42 | 01,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
[2006/11/15 08:02:46 | 00,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2006/11/05 19:02:32 | 00,098,304 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
[2006/11/05 19:05:32 | 00,106,496 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
[2006/11/05 19:02:18 | 00,081,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
[2006/11/06 11:58:18 | 00,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[2006/10/18 10:56:54 | 00,317,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
[2006/10/18 10:32:36 | 00,472,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
[2008/10/01 18:57:12 | 00,289,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2008/10/06 23:17:09 | 01,234,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
[2008/03/03 15:05:04 | 00,959,976 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[2006/05/10 13:24:34 | 00,278,528 | ---- | M] () -- C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
[2006/11/02 11:46:00 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2008/05/29 22:27:44 | 02,363,392 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
[2006/11/02 11:24:10 | 00,491,606 | ---- | M] () -- C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
[2008/05/29 22:27:44 | 02,580,480 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
[2006/11/02 14:34:48 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
[2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2008/09/07 17:13:37 | 00,086,016 | ---- | M] () -- C:\Windows\System32\drivers\cmstp.exe
[2008/06/27 05:54:09 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEUser.exe
[2008/07/19 07:10:40 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2007/06/14 07:36:23 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
[2008/06/27 05:54:09 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/10/11 12:00:16 | 00,416,768 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTListIt.exe
========== (O23) Win32 Services ==========
[2008/10/10 08:50:29 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2006/06/26 10:50:08 | 00,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr [On_Demand | Stopped])
[2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2008/10/06 23:17:09 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
[2008/10/06 23:17:07 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (CertPropSvc [Unknown | Stopped])
[2006/11/24 16:34:16 | 00,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
[2006/11/02 08:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2006/11/24 16:34:20 | 00,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (DcomLaunch [Unknown | Running])
[2006/11/02 14:36:25 | 02,089,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2007/08/30 07:22:17 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Running])
[2006/11/02 14:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2008/09/08 20:14:24 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2006/11/02 14:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2006/11/02 11:46:05 | 00,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [Unknown | Running])
[2007/04/11 23:02:51 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2006/12/04 13:35:32 | 00,058,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Auto | Stopped])
[2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
[2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
File not found -- %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2006/10/19 14:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2006/11/02 15:04:14 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2006/11/02 14:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2006/11/06 14:31:14 | 00,887,544 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Stopped])
[2006/11/02 11:46:12 | 00,545,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (RpcSs [Unknown | Running])
[2006/11/02 11:46:12 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- %systemroot%\system32\svchost.exe -- (Schedule [Unknown | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (SCPolicySvc [Unknown | Stopped])
[2007/07/16 06:53:49 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 11:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
[2006/11/01 12:17:32 | 00,073,728 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
File not found -- %SystemRoot%\servicing\TrustedInstaller.exe -- (TrustedInstaller [Unknown | Stopped])
[2006/11/02 11:45:50 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
[2006/11/02 11:45:50 | 00,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
[2008/03/03 15:05:02 | 00,079,400 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiServiceHost [Unknown | Stopped])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiSystemHost [Unknown | Running])
File not found -- %ProgramFiles%\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
[2006/08/04 03:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService [Auto | Running])
========== Driver Services ==========
[2006/11/02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2006/11/02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2006/11/02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2006/11/02 11:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2006/11/02 11:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
[2008/10/06 23:17:28 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
[2008/10/06 23:17:26 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
[2008/10/06 23:17:34 | 00,069,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys -- (AvgWfpX [On_Demand | Running])
[2006/11/02 09:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV [On_Demand | Stopped])
File not found -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive [Disabled | Stopped])
[2006/11/02 10:31:12 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [On_Demand | Stopped])
[2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2006/11/02 10:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2006/11/02 10:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])
File not found -- -- (CLFS [Unknown | Running])
[2006/11/02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2006/11/02 11:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2006/11/02 10:31:04 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2007/08/30 07:22:17 | 00,619,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2006/11/02 09:30:54 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e100b325.sys -- (E100B [On_Demand | Running])
[2006/11/02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2006/06/28 10:57:00 | 00,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr [System | Running])
[2006/11/02 14:34:35 | 00,132,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2006/11/02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2006/11/02 11:49:58 | 00,056,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2006/11/02 10:32:55 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2006/11/02 11:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2006/06/28 10:54:00 | 00,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey [On_Demand | Running])
[2006/11/18 03:52:54 | 00,145,920 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService [On_Demand | Running])
[2007/07/16 06:53:06 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 10:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 10:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2006/11/02 09:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
[2006/10/17 21:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2006/10/17 21:08:14 | 00,206,848 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
[2006/11/05 20:29:14 | 01,473,024 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm [On_Demand | Stopped])
[2006/11/02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])
[2006/11/05 20:29:14 | 01,473,024 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx [On_Demand | Running])
[2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
File not found -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
[2006/11/02 10:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2006/11/02 11:51:12 | 00,168,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2008/02/14 20:38:00 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2006/11/02 10:56:49 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2006/11/02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2006/11/02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2006/11/02 10:33:07 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2006/06/19 00:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2006/11/02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2007/12/16 11:56:45 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2006/11/02 11:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2007/07/16 06:55:59 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2006/11/02 10:31:27 | 00,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2007/12/13 08:46:22 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2008/02/14 20:33:55 | 00,025,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Boot | Running])
[2006/11/02 11:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,013,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2006/11/02 11:51:09 | 00,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2008/02/14 20:33:54 | 00,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])
[2006/11/09 11:02:30 | 01,786,880 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32 [On_Demand | Running])
[2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2006/11/02 10:57:30 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2006/11/02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2006/11/02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2006/11/02 11:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
[2006/11/02 11:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2007/08/30 07:22:18 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2008/02/23 04:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2006/11/02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
[2006/11/02 14:34:31 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2006/11/02 11:02:01 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2006/11/15 03:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])
[2006/11/14 22:42:46 | 00,043,520 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])
[2006/11/14 20:35:20 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])
[2006/11/02 10:56:49 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2006/11/02 11:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2007/06/14 07:35:14 | 00,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2008/02/14 20:38:00 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2007/06/14 07:35:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Running])
[2006/11/02 10:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2007/06/14 07:35:14 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Running])
[2006/11/02 11:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])
[2006/11/02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2006/11/02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2006/11/02 10:57:10 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2006/11/02 11:49:35 | 00,018,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2007/12/13 08:46:21 | 00,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2007/12/13 08:46:21 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2006/11/15 08:24:00 | 00,179,256 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2006/11/02 10:57:47 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2006/11/02 10:57:35 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2006/11/02 11:02:07 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2007/07/16 06:55:58 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2007/07/16 06:55:58 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Stopped])
[2006/11/02 11:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys [Disabled | Stopped])
[2006/11/02 11:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2006/11/02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2006/11/02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2006/11/02 10:55:24 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2008/10/01 13:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2006/11/02 10:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])
[2006/11/02 10:55:20 | 00,132,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand | Running])
[2006/11/02 10:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2006/11/02 10:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2006/11/02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2006/11/02 11:50:24 | 00,050,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2006/11/02 11:51:30 | 00,290,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2008/03/03 15:06:04 | 00,279,440 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant [System | Running])
[2006/11/02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 10:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2006/11/02 11:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2008/02/14 20:38:01 | 00,495,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2006/10/17 21:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
[2007/11/14 08:21:26 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])
[2006/11/02 10:58:26 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])
[2006/08/04 03:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio [Auto | Running])
========== Internet Explorer ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://recherche.neuf.fr/
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://recherche.neuf.fr/ie/default.html
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://recherche.neuf.fr/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://fr.search.yahoo.com/search?ei=UTF-8&fr=yie7c&p={searchTerms}
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.fr/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key does not exist or could not be opened. File not found
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://recherche.neuf.fr/
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://fr.search.yahoo.com/search?ei=UTF-8&fr=yie7c&p={searchTerms}
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.fr/
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key does not exist or could not be opened. File not found
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\S-1-5-21-1097869764-2982508946-2388530856-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\S-1-5-21-1097869764-2982508946-2388530856-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
O1 HOSTS File: (266075 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1
www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1
www.132.com
O1 - Hosts: 127.0.0.1
www.136136.net
O1 - Hosts: 9217 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmes\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmes\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmes\Java\jre1.6.0_03\bin\ssv.dll File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe File not found
O4 - HKLM..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime File not found
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe File not found
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide File not found
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" File not found
O4 - HKCU..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO File not found
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
O4 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO File not found
O4 - HKLM..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe (soft thinks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmes\Java\jre1.6.0_03\bin\npjpi160_03.dll File not found
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}
http://webscanner.kaspersky.fr/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61}
http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (HouseCall Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O18 - Protocol\Handler: - cdo - C:\Programmes\Common Files\microsoft shared\Web Folders\PKMCDO.DLL File not found
O18 - Protocol\Handler: - linkscanner - C:\Programmes\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler: - msdaipp\oledb - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler: - ms-help - C:\Programmes\Common Files\microsoft shared\Help\hxds.dll File not found
O18 - Protocol\Handler: - ms-itss - C:\Programmes\Common Files\microsoft shared\Information Retrieval\msitss.dll File not found
O18 - Protocol\Handler: - skype4com - C:\Programmes\Common Files\Skype\Skype4COM.dll File not found
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - See sections below for AppInitDlls and Winlogon settings
========== HKCU WinNT Load/Run ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = C:\Windows\System32\drivers\cmstp.exe
>[2008/09/07 17:13:37 | 00,086,016 | ---- | M] () -- C:\Windows\System32\drivers\cmstp.exe
========== HKU\S-1-5-21-1097869764-2982508946-2388530856-1000 WinNT Load/Run ==========
[HKEY_USERS\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = C:\Windows\System32\drivers\cmstp.exe
>[2008/09/07 17:13:37 | 00,086,016 | ---- | M] () -- C:\Windows\System32\drivers\cmstp.exe
========== AppInit_DLLs ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls" = avgrsstx.dll
>[2008/10/06 23:17:37 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
========== Winlogon Notify Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
igfxcui: "DllName" = igfxdev.dll -- C:\Windows\System32\igfxdev.dll (Intel Corporation)
========== HKLM *SecurityProviders* ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders" = credssp.dll
>[2006/11/02 11:46:03 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
========== LSA *Security Packages* ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages" = kerberos,msv1_0,schannel,wdigest,tspkg,
>[2006/11/02 11:46:13 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll
========== Safeboot Options ==========
"AlternateShell" = cmd.exe
========== CDRom AutoRun Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ==========
autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]
AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ]
[2005/09/11 17:18:54 | 00,000,340 | -HS- | M] () -- D:\AUTOMODE -- [ NTFS ]
========== MountPoints2 ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{154bf7e3-eb45-11db-b4dc-0016d394390f}\Shell\AutoRun\command]
"" = F:\.\MigWiz\migsetup.exe -- File not found
========== Files/Folders - Created Within 30 Days ==========
[1 C:\Windows\System32\drivers\*.tmp files]
[2008/10/12 12:57:38 | 00,086,016 | ---- | C] () -- C:\Users\Jean-Marc\AppData\Roaming\comrepl.exe
[2008/10/12 11:59:55 | 00,086,016 | ---- | C] () -- C:\Windows\System32\drivers\cmstp.exe
[2008/10/12 11:54:12 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/10/12 11:46:55 | 00,334,848 | ---- | C] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTMoveIt3.exe
[2008/10/12 11:45:58 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2008/10/12 11:44:36 | 00,000,913 | ---- | C] () -- C:\Users\Jean-Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2008/10/12 11:44:13 | 00,000,733 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\NTREGOPT.lnk
[2008/10/12 11:44:13 | 00,000,714 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\ERUNT.lnk
[2008/10/12 11:44:10 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2008/10/12 11:43:09 | 00,005,024 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\erunt-loc_fr.zip
[2008/10/12 11:42:24 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Jean-Marc\Desktop\erunt-setup.exe
[2008/10/11 23:46:33 | 00,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/11 23:35:34 | 00,005,571 | ---- | C] () -- C:\Windows\System32\vsconfig.xml
[2008/10/11 23:35:32 | 00,054,672 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc040c.dll
[2008/10/11 23:35:00 | 01,086,952 | ---- | C] (Python Software Foundation) -- C:\Windows\System32\zpeng24.dll
[2008/10/11 23:34:58 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2008/10/11 23:34:57 | 00,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2008/10/11 23:27:15 | 00,352,615 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2008/10/11 23:27:15 | 00,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2008/10/11 23:26:24 | 00,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2008/10/11 15:29:47 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2008/10/11 14:31:02 | 06,291,456 | -H-- | C] () -- C:\Users\Jean-Marc\AppData\Local\IconCache.db
[2008/10/11 11:59:51 | 00,416,768 | ---- | C] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTListIt.exe
[2008/10/10 23:49:27 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/10/10 22:55:56 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jean-Marc\Desktop\HFI.exe
[2008/10/10 22:42:40 | 00,017,200 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2008/10/10 22:42:40 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/10 22:42:39 | 00,038,528 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2008/10/10 22:40:17 | 02,189,864 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jean-Marc\Desktop\mbam-setup.exe
[2008/10/10 21:55:49 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Roaming\Malwarebytes
[2008/10/10 21:55:43 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2008/10/10 21:55:43 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/10/10 21:25:50 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Desktop\backups
[2008/10/10 21:10:39 | 00,316,322 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\hijackthis.zip
[2008/10/10 20:16:56 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/10/10 15:15:22 | 00,007,285 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url:favicon
[2008/10/10 08:49:35 | 00,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2008/10/10 08:49:35 | 00,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2008/10/10 08:49:23 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2008/10/10 08:49:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2008/10/10 08:45:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/10/10 08:22:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2008/10/10 08:22:24 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/10/10 08:05:25 | 00,000,264 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Besoin d'un oeil avisé (hijackthis et virus)##.url
[2008/10/10 08:00:07 | 00,000,268 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url:favicon
[2008/10/09 17:27:43 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
[2008/10/08 22:00:49 | 00,000,938 | ---- | C] () -- C:\Windows\System32\map1.xml
[2008/10/08 21:57:54 | 00,002,541 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\YoodaMap.lnk
[2008/10/08 21:57:53 | 00,000,000 | ---D | C] -- C:\Program Files\Yooda
[2008/10/08 08:33:01 | 00,059,722 | ---- | C] () -- C:\Users\Jean-Marc\Documents\cc_20081008_083259.reg
[2008/10/08 08:10:30 | 00,001,670 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\CCleaner.lnk
[2008/10/08 08:10:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2008/10/07 07:57:56 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2008/10/06 23:17:39 | 00,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 8.0.lnk
[2008/10/06 23:17:37 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2008/10/06 23:17:34 | 00,069,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys
[2008/10/06 23:17:28 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2008/10/06 23:17:26 | 28,551,957 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2008/10/06 23:17:26 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2008/10/06 23:17:26 | 00,307,238 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2008/10/06 23:17:26 | 00,068,419 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2008/10/06 23:17:26 | 00,026,824 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2008/10/06 23:17:26 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2008/10/06 23:17:07 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2008/10/06 23:17:06 | 00,000,000 | ---D | C] -- C:\ProgramData\avg8
[2008/10/06 14:51:51 | 00,507,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\TMUPDATE.DLL
[2008/10/06 14:51:51 | 00,286,720 | ---- | C] (Trend Micro Inc.) -- C:\Windows\PATCH.EXE
[2008/10/06 14:51:51 | 00,069,689 | ---- | C] (Trend Micro Inc.) -- C:\Windows\UNZIP.DLL
[2008/10/06 00:48:40 | 00,000,000 | ---D | C] -- C:\Program Files\Techlogg.com ToneShop
[2008/10/06 00:48:00 | 04,198,049 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\toneshop_toneshop_build_25_anglais_240024.exe
[2008/10/05 23:16:34 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity
[2008/10/04 19:16:18 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2008/10/04 19:15:34 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2008/10/04 19:15:29 | 00,000,000 | ---D | C] -- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/10/04 19:15:29 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/10/04 19:05:12 | 00,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2008/10/04 19:04:37 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2008/10/04 10:32:43 | 00,002,834 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie.ste
[2008/10/04 10:30:58 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie
[2008/09/27 22:35:05 | 00,096,076 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\
plan 2a.png
[2008/09/27 22:11:42 | 00,046,245 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\
plan 2.png
[2008/09/27 22:06:50 | 00,047,063 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\
plan.png
[2008/09/25 06:29:07 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2008/09/21 15:24:45 | 00,034,999 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\https___recharge.sfr.fr_webwapclient_026_sf_reloadPrepare.pdf
[2008/09/20 18:49:04 | 00,027,648 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.doc
[2008/09/20 15:14:27 | 00,012,471 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.docx
[2008/09/20 11:25:16 | 00,000,000 | ---D | C] -- C:\Program Files\FreeUndelete
[2008/09/20 09:28:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2008/09/20 09:28:00 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDERUN.DLL
[2008/09/20 09:28:00 | 00,081,920 | ---- | C] (Data Dynamics) -- C:\Windows\System32\rtfexpt.dll
[2008/09/20 09:27:59 | 00,232,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATLST.OCX
[2008/09/20 09:27:59 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL
[2008/09/20 09:27:58 | 01,012,224 | R--- | C] (Data Dynamics) -- C:\Windows\System32\actrpt.dll
[2008/09/20 09:27:58 | 00,302,256 | ---- | C] (Data Dynamics) -- C:\Windows\System32\arviewer.ocx
[2008/09/20 09:27:58 | 00,118,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSADODC.OCX
[2008/09/20 09:27:58 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\STDFTFR.DLL
[2008/09/20 09:27:57 | 00,016,384 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\ADODCFR.DLL
[2008/09/20 09:27:56 | 00,030,720 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\DATLSFR.DLL
[2008/09/20 09:27:42 | 00,074,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrclr40.dll
[2008/09/20 09:27:40 | 00,028,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrecr40.dll
[2008/09/20 09:27:31 | 00,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DB.DLL
[2008/09/20 09:27:24 | 00,032,768 | R--- | C] () -- C:\Windows\System32\mautils.dll
[2008/09/20 09:27:23 | 00,063,488 | R--- | C] () -- C:\Windows\System32\Eztw32.dll
[2008/09/20 09:27:23 | 00,000,000 | ---D | C] -- C:\Program Files\Micro Application
[2008/09/15 22:31:17 | 00,169,297 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\deontologiemedicalesurleweb2008.pdf
[2008/09/14 11:45:16 | 00,043,324 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 4.pdf
[2008/09/14 11:42:39 | 00,044,014 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 3.pdf
[2008/09/14 11:39:08 | 00,043,982 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 2.pdf
[2008/09/14 11:36:21 | 00,043,665 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca.pdf
[2008/09/13 14:52:42 | 00,025,806 | ---- | C] () -- C:\Users\Jean-Marc\Documents\https___commander.1and1.pdf
========== Files - Modified Within 30 Days ==========
[1 C:\Windows\System32\drivers\*.tmp files]
[2008/12/08 15:10:17 | 00,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8C2CAE21-AD4C-494F-9D4C-171A4BFDF297}.job
[2008/10/12 13:05:40 | 00,352,615 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2008/10/12 13:05:02 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2008/10/12 13:04:56 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2008/10/12 13:04:56 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2008/10/12 13:04:47 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2008/10/12 13:02:29 | 06,291,456 | -H-- | M] () -- C:\Users\Jean-Marc\AppData\Local\IconCache.db
[2008/10/12 12:00:47 | 00,000,268 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url:favicon
[2008/10/12 11:46:59 | 00,334,848 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTMoveIt3.exe
[2008/10/12 11:44:36 | 00,000,913 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2008/10/12 11:44:13 | 00,000,733 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\NTREGOPT.lnk
[2008/10/12 11:44:13 | 00,000,714 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\ERUNT.lnk
[2008/10/12 11:43:11 | 00,005,024 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\erunt-loc_fr.zip
[2008/10/12 11:42:29 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Jean-Marc\Desktop\erunt-setup.exe
[2008/10/12 00:27:32 | 00,007,285 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url
@Alternate Data Stream - 1150 by
: voila la bête :
pour continuer dans ce fil de discussion.
et choisir 