[OK] HijackThis log analysis request


continued... from OTLIST.TXT

Post by JMS2 » 12 Oct 2008, 12:44

[2008/10/11 23:46:33 | 00,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2008/10/11 23:37:00 | 00,000,264 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\Besoin d'un oeil avisé (hijackthis et virus)##.url
[2008/10/11 23:35:35 | 00,005,571 | ---- | M] () -- C:\Windows\System32\vsconfig.xml
[2008/10/11 22:50:24 | 28,551,957 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2008/10/11 14:53:36 | 01,808,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2008/10/11 12:00:16 | 00,416,768 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTListIt.exe
[2008/10/11 11:49:51 | 00,002,541 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\YoodaMap.lnk
[2008/10/11 00:31:37 | 00,001,356 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Local\d3d9caps.dat
[2008/10/10 23:23:42 | 00,266,075 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2008/10/10 22:42:40 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/10 22:41:05 | 02,189,864 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jean-Marc\Desktop\mbam-setup.exe
[2008/10/10 21:10:47 | 00,316,322 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\hijackthis.zip
[2008/10/10 08:49:35 | 00,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2008/10/10 08:49:35 | 00,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2008/10/09 22:12:48 | 00,307,238 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2008/10/09 17:29:33 | 00,700,222 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2008/10/09 17:29:33 | 00,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2008/10/09 17:29:33 | 00,122,020 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2008/10/09 17:29:33 | 00,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2008/10/09 17:29:32 | 01,538,854 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2008/10/08 22:00:49 | 00,000,938 | ---- | M] () -- C:\Windows\System32\map1.xml
[2008/10/08 21:03:51 | 00,095,744 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/08 14:06:41 | 00,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2008/10/08 14:06:41 | 00,000,034 | ---- | M] () -- C:\Windows\System32\BD7420.DAT
[2008/10/08 08:33:07 | 00,059,722 | ---- | M] () -- C:\Users\Jean-Marc\Documents\cc_20081008_083259.reg
[2008/10/08 08:10:30 | 00,001,670 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\CCleaner.lnk
[2008/10/06 23:19:08 | 00,068,419 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2008/10/06 23:17:39 | 00,001,647 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 8.0.lnk
[2008/10/06 23:17:37 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2008/10/06 23:17:34 | 00,069,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys
[2008/10/06 23:17:28 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2008/10/06 23:17:26 | 06,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2008/10/06 23:17:26 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2008/10/06 14:51:52 | 00,507,904 | ---- | M] (Trend Micro Inc.) -- C:\Windows\TMUPDATE.DLL
[2008/10/06 14:51:51 | 00,286,720 | ---- | M] (Trend Micro Inc.) -- C:\Windows\PATCH.EXE
[2008/10/06 14:51:51 | 00,069,689 | ---- | M] (Trend Micro Inc.) -- C:\Windows\UNZIP.DLL
[2008/10/06 00:48:16 | 04,198,049 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\toneshop_toneshop_build_25_anglais_240024.exe
[2008/10/04 19:16:18 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2008/10/04 19:05:12 | 00,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2008/10/04 10:32:43 | 00,002,834 | ---- | M] () -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie.ste
[2008/09/27 23:01:33 | 00,096,076 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\plan 2a.png
[2008/09/27 22:11:10 | 00,046,245 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\plan 2.png
[2008/09/27 22:06:15 | 00,047,063 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\plan.png
[2008/09/21 15:24:40 | 00,034,999 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\https___recharge.sfr.fr_webwapclient_026_sf_reloadPrepare.pdf
[2008/09/20 21:28:34 | 00,027,648 | ---- | M] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.doc
[2008/09/20 15:14:28 | 00,012,471 | ---- | M] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.docx
[2008/09/15 22:31:17 | 00,169,297 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\deontologiemedicalesurleweb2008.pdf
[2008/09/14 11:45:09 | 00,043,324 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 4.pdf
[2008/09/14 11:42:32 | 00,044,014 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 3.pdf
[2008/09/14 11:38:56 | 00,043,982 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 2.pdf
[2008/09/14 11:36:11 | 00,043,665 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca.pdf
[2008/09/13 14:52:35 | 00,025,806 | ---- | M] () -- C:\Users\Jean-Marc\Documents\https___commander.1and1.pdf

<End>
JMS2
 
Posts: 13
Joined: 12 Oct 2008, 12:34

EXTRATS.TXT FILE

Post by JMS2 » 12 Oct 2008, 12:45

OTListIt Extras logfile created on: 12/10/2008 13:32:17 - Run 3
OTListIt by OldTimer - Version 1.0.7.0 Folder = C:\Users\Jean-Marc\Desktop
Windows Vista (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1013,50 Mb Total Physical Memory | 226,88 Mb Available Physical Memory | 22,39% Memory free
2,24 Gb Paging File | 1,29 Gb Available in Paging File | 57,63% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,62 Gb Total Space | 13,20 Gb Free Space | 12,38% Space Free | Partition Type: NTFS
Drive D: | 5,16 Gb Total Space | 1,22 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
Drive E: | 553,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 968,25 Mb Total Space | 681,83 Mb Free Space | 70,42% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-JEAN-MARC
Current User Name: Jean-Marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Programmes\Internet Explorer\iexplore.exe File not found
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}" = HP Wireless Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08783603-FFD0-479c-9160-E2FA46E62883}" = Mise à niveau de Works
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}" = Complément Microsoft Word pour Microsoft Works Suite
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}" = Adobe Flash Video Encoder
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{38D95956-E92C-4473-904B-CD877EA04410}" = Philips SPC210NC Webcam
"{3FBD76E5-E422-11D5-B8D1-000102A5FE5B}" = Dictionnaire des prénoms
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.0
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{5CA81D12-9EC2-4082-972B-43ECA63F41F2}" = HP Pavilion Webcam Driver for Vista v061.001.00006
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{633A27AE-C1C4-48E7-85D4-3C34994B5331}" = Yooda Map
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80FD3971-8482-49C8-BA8C-B6464A15882F}" = Adobe Flash CS3
"{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F}" = Adobe Setup
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{911B040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91DBD16F-BA92-4B2E-A65A-56DB3EE67AC4}" = HP User Guide 0052
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6694BAA-7604-46AA-A41F-B5F1E6DADE7A}" = OpenOffice.org 2.4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E18162-47FB-4216-8AB3-F420C1AF75A4}" = Adobe Setup
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe_32e9033392a51340b32fdc6ad893ab7" = Adobe Photoshop CS3
"Adobe_ad19d2ae8332572b119cf35fd0a30d8" = Adobe Dreamweaver CS3
"Adobe_b2b4b1546e74314f8131ded43e4bd9d" = Adobe Flash CS3 Professional
"Asterisk Key" = Asterisk Key 8.3
"AVG8Uninstall" = AVG Free 8.0
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_AK_SH_VI_VEN_14F1&DEV_5045" = HDAUDIO Soft Data Fax Modem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 2.7
"eMule" = eMule
"ERUNT_is1" = ERUNT 1.1j
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Kit USB TELIUM 1.0_is1" = Kit USB TELIUM 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (2.0.0.16)" = Mozilla Firefox (2.0.0.16)
"Neuf_Kit" = Neuf - Kit de connexion
"Notepad++" = Notepad++
"Picasa2" = Picasa 2
"PROR" = Version d'évaluation de Microsoft Office Professional 2007
"Shockwave" = Shockwave
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SYSTAT 9" = SYSTAT 9
"TIMELEFT3_is1" = TimeLeft
"WinAce Archiver" = WinAce Archiver
"WinRAR archiver" = Archiveur WinRAR
"Works2005Setup" = Sélecteur d'installation de Microsoft Works 2005
"YInstHelper" = Yahoo! Install Manager
"ZoneAlarm" = ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/09/2008 05:26:36 | Computer Name = PC-de-Jean-Marc | Source = Application Error | ID = 1000
Description = Application défaillante fru.exe, version 1.0.0.1, horodatage 0x48ca75ce,
module défaillant fru.exe, version 1.0.0.1, horodatage 0x48ca75ce, code d’exception
0xc0000005, décalage d’erreur 0x00020f7f, ID du processus 0xec8, heure de début
de l’application 0x01c91b02cd77f786.

Error - 04/10/2008 06:24:45 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme iexplore.exe version 7.0.6000.16711 a cessé d’interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l’historique du problème dans l’application Rapports
et solutions aux problèmes du Panneau de configuration. ID de processus : 1f0 Heure
de début : 01c92607044abe49 Heure de fin : 12

Error - 06/10/2008 13:52:21 | Computer Name = PC-de-Jean-Marc | Source = Application Error | ID = 1000
Description = Application défaillante SYMCUW.exe, version 8.1.0.27, horodatage 0x47a12c37,
module défaillant WmiClnt.dll, version 2008.6.0.18, horodatage 0x47aa2258, code
d’exception 0xc0000005, décalage d’erreur 0x00002900, ID du processus 0x1770, heure
de début de l’application 0x01c927b5b16945c6.

Error - 06/10/2008 17:38:08 | Computer Name = PC-de-Jean-Marc | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6000.16711, horodatage
0x486445ce, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc0000005, décalage d’erreur 0x0003b15f, ID du processus 0xc3c,
heure de début de l’application 0x01c927f98b7e4b93.

Error - 09/10/2008 11:50:04 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 10/10/2008 15:58:57 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 10/10/2008 17:48:40 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 11/10/2008 04:00:28 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 11/10/2008 06:03:57 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme OTListIt.exe version 1.0.7.0 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : efc Heure de
début : 01c92b8865b01b2e Heure de fin : 0

Error - 11/10/2008 17:30:52 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme GLB6ADB.tmp version 7.1.254.0 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : 1150 Heure
de début : 01c92be8023415b0 Heure de fin : 4

[ Media Center Events ]
Error - 18/04/2008 04:48:28 | Computer Name = PC-de-Jean-Marc | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

[ System Events ]
Error - 11/10/2008 17:47:17 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 11/10/2008 17:47:17 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 11/10/2008 17:47:17 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 11/10/2008 17:47:17 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 11/10/2008 17:47:17 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 11/10/2008 17:47:17 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 12/10/2008 05:21:46 | Computer Name = PC-de-Jean-Marc | Source = Service Control Manager | ID = 7000
Description =

Error - 12/10/2008 05:29:50 | Computer Name = PC-de-Jean-Marc | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 12/10/2008 05:38:51 | Computer Name = PC-de-Jean-Marc | Source = Service Control Manager | ID = 7000
Description =

Error - 12/10/2008 05:59:55 | Computer Name = PC-de-Jean-Marc | Source = Service Control Manager | ID = 7000
Description =


<End>


That's it for the second report
JMS2
 
Posts: 13
Joined: 12 Oct 2008, 12:34

Post by nickW » 12 Oct 2008, 13:12

Hello again,

The malicious files were created on 07/09/2008 at around 17:13.

Since the standard use of OTListIt lists the files created and modified during the last 30 days, and since today is 12/10, these files do not appear in the report.

So I am going to ask you to run OTListIt again, then choose 60 Days under File Age (at the top) before clicking the Run Scan button.

The logs created may be very long, and there is no need to post them in full on the forum.

I only need two sections of the OTListIt.txt file:

========== Files/Folders - Created Within 60 Days ==========

========== Files - Modified Within 60 Days ==========

To be continued,
nickW
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

ok

Post by JMS2 » 12 Oct 2008, 13:27

Here is the requested file :)
Thanks again



========== Files/Folders - Created Within 60 Days ==========

[1 C:\Windows\System32\drivers\*.tmp files]
[2008/10/12 12:57:38 | 00,086,016 | ---- | C] () -- C:\Users\Jean-Marc\AppData\Roaming\comrepl.exe
[2008/10/12 11:59:55 | 00,086,016 | ---- | C] () -- C:\Windows\System32\drivers\cmstp.exe
[2008/10/12 11:54:12 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/10/12 11:46:55 | 00,334,848 | ---- | C] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTMoveIt3.exe
[2008/10/12 11:45:58 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2008/10/12 11:44:36 | 00,000,913 | ---- | C] () -- C:\Users\Jean-Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2008/10/12 11:44:13 | 00,000,733 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\NTREGOPT.lnk
[2008/10/12 11:44:13 | 00,000,714 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\ERUNT.lnk
[2008/10/12 11:44:10 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2008/10/12 11:43:09 | 00,005,024 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\erunt-loc_fr.zip
[2008/10/12 11:42:24 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Jean-Marc\Desktop\erunt-setup.exe
[2008/10/11 23:46:33 | 00,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/11 23:35:34 | 00,005,571 | ---- | C] () -- C:\Windows\System32\vsconfig.xml
[2008/10/11 23:35:32 | 00,054,672 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc040c.dll
[2008/10/11 23:35:00 | 01,086,952 | ---- | C] (Python Software Foundation) -- C:\Windows\System32\zpeng24.dll
[2008/10/11 23:34:58 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2008/10/11 23:34:57 | 00,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2008/10/11 23:27:15 | 00,352,615 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2008/10/11 23:27:15 | 00,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2008/10/11 23:26:24 | 00,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2008/10/11 15:29:47 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2008/10/11 14:31:02 | 06,291,456 | -H-- | C] () -- C:\Users\Jean-Marc\AppData\Local\IconCache.db
[2008/10/11 11:59:51 | 00,416,768 | ---- | C] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTListIt.exe
[2008/10/10 23:49:27 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/10/10 22:55:56 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jean-Marc\Desktop\HFI.exe
[2008/10/10 22:42:40 | 00,017,200 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2008/10/10 22:42:40 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/10 22:42:39 | 00,038,528 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2008/10/10 22:40:17 | 02,189,864 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jean-Marc\Desktop\mbam-setup.exe
[2008/10/10 21:55:49 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Roaming\Malwarebytes
[2008/10/10 21:55:43 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2008/10/10 21:55:43 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/10/10 21:25:50 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Desktop\backups
[2008/10/10 21:10:39 | 00,316,322 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\hijackthis.zip
[2008/10/10 20:16:56 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/10/10 15:15:22 | 00,007,285 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url:favicon
[2008/10/10 08:49:35 | 00,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2008/10/10 08:49:35 | 00,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2008/10/10 08:49:23 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2008/10/10 08:49:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2008/10/10 08:45:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/10/10 08:22:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2008/10/10 08:22:24 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/10/10 08:00:07 | 00,000,268 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url:favicon
[2008/10/09 17:27:43 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
[2008/10/08 22:00:49 | 00,000,938 | ---- | C] () -- C:\Windows\System32\map1.xml
[2008/10/08 21:57:54 | 00,002,541 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\YoodaMap.lnk
[2008/10/08 21:57:53 | 00,000,000 | ---D | C] -- C:\Program Files\Yooda
[2008/10/08 08:33:01 | 00,059,722 | ---- | C] () -- C:\Users\Jean-Marc\Documents\cc_20081008_083259.reg
[2008/10/08 08:10:30 | 00,001,670 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\CCleaner.lnk
[2008/10/08 08:10:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2008/10/07 07:57:56 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2008/10/06 23:17:39 | 00,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 8.0.lnk
[2008/10/06 23:17:37 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2008/10/06 23:17:34 | 00,069,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys
[2008/10/06 23:17:28 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2008/10/06 23:17:26 | 28,551,957 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2008/10/06 23:17:26 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2008/10/06 23:17:26 | 00,307,238 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2008/10/06 23:17:26 | 00,068,419 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2008/10/06 23:17:26 | 00,026,824 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2008/10/06 23:17:26 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2008/10/06 23:17:07 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2008/10/06 23:17:06 | 00,000,000 | ---D | C] -- C:\ProgramData\avg8
[2008/10/06 14:51:51 | 00,507,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\TMUPDATE.DLL
[2008/10/06 14:51:51 | 00,286,720 | ---- | C] (Trend Micro Inc.) -- C:\Windows\PATCH.EXE
[2008/10/06 14:51:51 | 00,069,689 | ---- | C] (Trend Micro Inc.) -- C:\Windows\UNZIP.DLL
[2008/10/06 00:48:40 | 00,000,000 | ---D | C] -- C:\Program Files\Techlogg.com ToneShop
[2008/10/06 00:48:00 | 04,198,049 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\toneshop_toneshop_build_25_anglais_240024.exe
[2008/10/05 23:16:34 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity
[2008/10/04 19:16:18 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2008/10/04 19:15:34 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2008/10/04 19:15:29 | 00,000,000 | ---D | C] -- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/10/04 19:15:29 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/10/04 19:05:12 | 00,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2008/10/04 19:04:37 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2008/10/04 10:32:43 | 00,002,834 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie.ste
[2008/10/04 10:30:58 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie
[2008/09/27 22:35:05 | 00,096,076 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\plan 2a.png
[2008/09/27 22:11:42 | 00,046,245 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\plan 2.png
[2008/09/27 22:06:50 | 00,047,063 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\plan.png
[2008/09/25 06:29:07 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2008/09/21 15:24:45 | 00,034,999 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\https___recharge.sfr.fr_webwapclient_026_sf_reloadPrepare.pdf
[2008/09/20 18:49:04 | 00,027,648 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.doc
[2008/09/20 15:14:27 | 00,012,471 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.docx
[2008/09/20 11:25:16 | 00,000,000 | ---D | C] -- C:\Program Files\FreeUndelete
[2008/09/20 09:28:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2008/09/20 09:28:00 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDERUN.DLL
[2008/09/20 09:28:00 | 00,081,920 | ---- | C] (Data Dynamics) -- C:\Windows\System32\rtfexpt.dll
[2008/09/20 09:27:59 | 00,232,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATLST.OCX
[2008/09/20 09:27:59 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL
[2008/09/20 09:27:58 | 01,012,224 | R--- | C] (Data Dynamics) -- C:\Windows\System32\actrpt.dll
[2008/09/20 09:27:58 | 00,302,256 | ---- | C] (Data Dynamics) -- C:\Windows\System32\arviewer.ocx
[2008/09/20 09:27:58 | 00,118,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSADODC.OCX
[2008/09/20 09:27:58 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\STDFTFR.DLL
[2008/09/20 09:27:57 | 00,016,384 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\ADODCFR.DLL
[2008/09/20 09:27:56 | 00,030,720 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\DATLSFR.DLL
[2008/09/20 09:27:42 | 00,074,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrclr40.dll
[2008/09/20 09:27:40 | 00,028,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrecr40.dll
[2008/09/20 09:27:31 | 00,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DB.DLL
[2008/09/20 09:27:24 | 00,032,768 | R--- | C] () -- C:\Windows\System32\mautils.dll
[2008/09/20 09:27:23 | 00,063,488 | R--- | C] () -- C:\Windows\System32\Eztw32.dll
[2008/09/20 09:27:23 | 00,000,000 | ---D | C] -- C:\Program Files\Micro Application
[2008/09/15 22:31:17 | 00,169,297 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\deontologiemedicalesurleweb2008.pdf
[2008/09/14 11:45:16 | 00,043,324 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 4.pdf
[2008/09/14 11:42:39 | 00,044,014 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 3.pdf
[2008/09/14 11:39:08 | 00,043,982 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 2.pdf
[2008/09/14 11:36:21 | 00,043,665 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca.pdf
[2008/09/13 14:52:42 | 00,025,806 | ---- | C] () -- C:\Users\Jean-Marc\Documents\https___commander.1and1.pdf
[2008/09/11 14:54:19 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008/09/10 14:38:23 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie2
[2008/09/10 14:37:57 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Site sans nom 2
[2008/09/10 12:11:21 | 00,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\NPSWF32_FlashUtil.exe
[2008/09/10 12:11:20 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/09/10 11:35:28 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Version Cue
[2008/09/10 11:35:14 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\AdobeStockPhotos
[2008/09/10 11:22:15 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2008/09/10 11:22:09 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2008/09/10 11:22:00 | 04,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2008/09/10 11:21:07 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2008/09/09 11:06:01 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Local\WindowsUpdate
[2008/09/09 01:07:06 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2008/09/09 01:05:45 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2008/09/09 01:05:45 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2008/09/09 00:59:02 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2008/09/09 00:43:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2008/09/09 00:28:59 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Local\Microsoft Help
[2008/09/09 00:28:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2008/09/08 22:12:23 | 00,000,131 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\omar-loldz.com-tuto.jpg.url
[2008/09/08 21:58:52 | 00,000,000 | ---D | C] -- C:\Windows\System32\Kaspersky Lab
[2008/09/08 20:37:18 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/09/08 20:14:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2008/09/08 17:32:21 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Roaming\WinRAR
[2008/09/08 17:32:14 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/09/07 17:12:50 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2008/09/07 16:07:38 | 00,000,774 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk
[2008/09/06 20:38:08 | 00,235,885 | ---- | C] () -- C:\Users\Jean-Marc\Documents\a.jpg
[2008/09/06 13:50:04 | 00,001,040 | ---- | C] () -- C:\Users\Jean-Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk
[2008/09/05 23:10:16 | 00,000,179 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Apprenez à créer votre site web ! - Site Web - Les tutoriels#part_13663.url
[2008/09/05 17:41:09 | 00,000,816 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Notepad++.lnk
[2008/09/05 17:41:06 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Roaming\Notepad++
[2008/09/05 17:41:06 | 00,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2008/08/31 15:40:46 | 00,025,088 | ---- | C] () -- C:\Users\Jean-Marc\Documents\RESILIATION EUROMUT.doc
[2008/08/27 19:30:41 | 00,045,568 | ---- | C] () -- C:\Users\Jean-Marc\Documents\An%20unusual%20presentation%20of%20peripartum%20cardiomyopathy[1].doc
[2008/08/25 20:04:40 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4
[2008/08/25 20:01:22 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4 (fr) Installation Files
[2008/08/21 18:14:13 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2008/08/21 18:14:13 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2008/08/21 18:14:13 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2008/08/21 18:14:13 | 00,045,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2008/08/21 18:13:24 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2008/08/21 18:13:24 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2008/08/21 18:13:24 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2008/08/21 18:13:05 | 00,163,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2008/08/21 18:13:05 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2008/08/16 10:17:52 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2008/08/15 19:18:22 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPSECSVC.DLL
[2008/08/15 19:18:22 | 00,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
[2008/08/15 19:18:22 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winipsec.dll
[2008/08/15 19:18:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2008/08/15 19:18:17 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll
[2008/08/15 19:18:09 | 03,592,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2008/08/15 19:18:03 | 06,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2008/08/15 19:18:02 | 01,159,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2008/08/15 19:18:01 | 00,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2008/08/15 19:18:01 | 00,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2008/08/15 19:18:00 | 01,831,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2008/08/15 19:17:59 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2008/08/15 19:17:59 | 00,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2008/08/15 19:17:59 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2008/08/15 19:17:59 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2008/08/15 19:17:59 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2008/08/15 19:17:58 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2008/08/15 19:17:58 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2008/08/15 19:17:58 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2008/08/15 19:17:58 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2008/08/15 19:17:58 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2008/08/15 19:17:58 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2008/08/15 19:17:57 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2008/08/15 19:17:56 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2008/08/15 19:17:56 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2008/08/15 19:17:23 | 00,737,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
[2008/08/15 19:17:22 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2008/08/15 17:47:38 | 00,046,592 | ---- | C] () -- C:\Users\Jean-Marc\Documents\TARIF SEPTEMBRE 08.doc
[2008/08/15 10:58:56 | 00,075,776 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Influence of recruitment way in systemic sclerosis depending severity of disease.doc


========== Files - Modified Within 60 Days ==========

[1 C:\Windows\System32\drivers\*.tmp files]
[2008/12/08 15:10:17 | 00,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{8C2CAE21-AD4C-494F-9D4C-171A4BFDF297}.job
[2008/10/12 14:04:54 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2008/10/12 14:04:54 | 00,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2008/10/12 13:05:40 | 00,352,615 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2008/10/12 13:05:02 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2008/10/12 13:04:47 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2008/10/12 13:02:29 | 06,291,456 | -H-- | M] () -- C:\Users\Jean-Marc\AppData\Local\IconCache.db
[2008/10/12 12:00:47 | 00,000,268 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url:favicon
[2008/10/12 11:46:59 | 00,334,848 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTMoveIt3.exe
[2008/10/12 11:44:36 | 00,000,913 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2008/10/12 11:44:13 | 00,000,733 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\NTREGOPT.lnk
[2008/10/12 11:44:13 | 00,000,714 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\ERUNT.lnk
[2008/10/12 11:43:11 | 00,005,024 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\erunt-loc_fr.zip
[2008/10/12 11:42:29 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Jean-Marc\Desktop\erunt-setup.exe
[2008/10/12 00:27:32 | 00,007,285 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url:favicon
[2008/10/11 23:46:33 | 00,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2008/10/11 23:35:35 | 00,005,571 | ---- | M] () -- C:\Windows\System32\vsconfig.xml
[2008/10/11 22:50:24 | 28,551,957 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2008/10/11 14:53:36 | 01,808,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2008/10/11 12:00:16 | 00,416,768 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTListIt.exe
[2008/10/11 11:49:51 | 00,002,541 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\YoodaMap.lnk
[2008/10/11 00:31:37 | 00,001,356 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Local\d3d9caps.dat
[2008/10/10 23:23:42 | 00,266,075 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2008/10/10 22:42:40 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/10 22:41:05 | 02,189,864 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jean-Marc\Desktop\mbam-setup.exe
[2008/10/10 21:10:47 | 00,316,322 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\hijackthis.zip
[2008/10/10 08:49:35 | 00,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2008/10/10 08:49:35 | 00,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2008/10/09 22:12:48 | 00,307,238 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2008/10/09 17:29:33 | 00,700,222 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2008/10/09 17:29:33 | 00,618,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2008/10/09 17:29:33 | 00,122,020 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2008/10/09 17:29:33 | 00,107,614 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2008/10/09 17:29:32 | 01,538,854 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2008/10/08 22:00:49 | 00,000,938 | ---- | M] () -- C:\Windows\System32\map1.xml
[2008/10/08 21:03:51 | 00,095,744 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/08 14:06:41 | 00,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2008/10/08 14:06:41 | 00,000,034 | ---- | M] () -- C:\Windows\System32\BD7420.DAT
[2008/10/08 08:33:07 | 00,059,722 | ---- | M] () -- C:\Users\Jean-Marc\Documents\cc_20081008_083259.reg
[2008/10/08 08:10:30 | 00,001,670 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\CCleaner.lnk
[2008/10/06 23:19:08 | 00,068,419 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2008/10/06 23:17:39 | 00,001,647 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 8.0.lnk
[2008/10/06 23:17:37 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2008/10/06 23:17:34 | 00,069,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys
[2008/10/06 23:17:28 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2008/10/06 23:17:26 | 06,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2008/10/06 23:17:26 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2008/10/06 14:51:52 | 00,507,904 | ---- | M] (Trend Micro Inc.) -- C:\Windows\TMUPDATE.DLL
[2008/10/06 14:51:51 | 00,286,720 | ---- | M] (Trend Micro Inc.) -- C:\Windows\PATCH.EXE
[2008/10/06 14:51:51 | 00,069,689 | ---- | M] (Trend Micro Inc.) -- C:\Windows\UNZIP.DLL
[2008/10/06 00:48:16 | 04,198,049 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\toneshop_toneshop_build_25_anglais_240024.exe
[2008/10/04 19:16:18 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2008/10/04 19:05:12 | 00,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2008/10/04 10:32:43 | 00,002,834 | ---- | M] () -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie.ste
[2008/09/27 23:01:33 | 00,096,076 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\plan 2a.png
[2008/09/27 22:11:10 | 00,046,245 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\plan 2.png
[2008/09/27 22:06:15 | 00,047,063 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\plan.png
[2008/09/21 15:24:40 | 00,034,999 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\https___recharge.sfr.fr_webwapclient_026_sf_reloadPrepare.pdf
[2008/09/20 21:28:34 | 00,027,648 | ---- | M] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.doc
[2008/09/20 15:14:28 | 00,012,471 | ---- | M] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.docx
[2008/09/15 22:31:17 | 00,169,297 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\deontologiemedicalesurleweb2008.pdf
[2008/09/14 11:45:09 | 00,043,324 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 4.pdf
[2008/09/14 11:42:32 | 00,044,014 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 3.pdf
[2008/09/14 11:38:56 | 00,043,982 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 2.pdf
[2008/09/14 11:36:11 | 00,043,665 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca.pdf
[2008/09/13 14:52:35 | 00,025,806 | ---- | M] () -- C:\Users\Jean-Marc\Documents\https___commander.1and1.pdf
[2008/09/10 00:04:02 | 00,038,528 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2008/09/10 00:03:56 | 00,017,200 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2008/09/09 10:34:44 | 00,132,776 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/09/09 00:46:04 | 00,000,128 | ---- | M] () -- C:\Windows\win.ini
[2008/09/08 22:12:23 | 00,000,131 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\omar-loldz.com-tuto.jpg.url
[2008/09/07 17:13:37 | 00,086,016 | ---- | M] () -- C:\Windows\System32\drivers\cmstp.exe
[2008/09/07 17:13:37 | 00,086,016 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Roaming\comrepl.exe
[2008/09/07 16:08:19 | 00,000,774 | ---- | M] () -- C:\Users\Public\Desktop\eMule.lnk
[2008/09/06 15:01:22 | 00,235,885 | ---- | M] () -- C:\Users\Jean-Marc\Documents\a.jpg
[2008/09/06 13:50:04 | 00,001,040 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk
[2008/09/05 23:10:16 | 00,000,179 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\Apprenez à créer votre site web ! - Site Web - Les tutoriels#part_13663.url
[2008/09/05 17:41:09 | 00,000,816 | ---- | M] () -- C:\Users\Jean-Marc\Desktop\Notepad++.lnk
[2008/08/31 15:46:26 | 00,025,088 | ---- | M] () -- C:\Users\Jean-Marc\Documents\RESILIATION EUROMUT.doc
[2008/08/27 19:30:41 | 00,045,568 | ---- | M] () -- C:\Users\Jean-Marc\Documents\An%20unusual%20presentation%20of%20peripartum%20cardiomyopathy[1].doc
[2008/08/26 22:28:12 | 16,208,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2008/08/17 15:14:28 | 00,075,776 | ---- | M] () -- C:\Users\Jean-Marc\Documents\Influence of recruitment way in systemic sclerosis depending severity of disease.doc
[2008/08/15 17:50:47 | 00,046,592 | ---- | M] () -- C:\Users\Jean-Marc\Documents\TARIF SEPTEMBRE 08.doc
[2008/08/15 17:43:39 | 00,046,592 | ---- | M] () -- C:\Users\Jean-Marc\Documents\TARIF SEPTEMBRE 06.doc

<End>
JMS2

Posts: 13
Joined: 12 Oct 2008, 12:34

Message from nickW » 13 Oct 2008, 00:10

Good evening,

JMS/JMS2 wrote: I ran another scan; with AVG it found a virus again

Which "virus"?
In which file(s)?



New procedure:

Step 1: User Account Control, deactivation
Disable UAC (User Account Control):


Step 2: No real-time monitoring processes
Disable the antivirus's resident module.
AVG: open AVG Control Center, double-click "AVG Resident Shield", uncheck "Turn on AVG Resident Shield"


Step 3: OTMoveIt3 (by OldTimer)
Open a Notepad window: via Start ----> All Programs ----> Accessories ----> Run, type notepad then click OK
Select all the lines in the white area located under "Code:" below, then press the Ctrl and C keys simultaneously
Code:
:Processes
cmstp.exe

:Reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load"=""
[HKEY_USERS\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load"=""

:Files
C:\Users\Jean-Marc\AppData\Roaming\comrepl.exe
C:\Windows\System32\drivers\cmstp.exe


:Commands
[emptytemp]



Go back to the Notepad window, right-click in the window and choose Paste
Check (in the Format menu) that "Word Wrap" is not active (not checked).
Save the file under the name OTfichiers2.txt
Close Notepad.
Note: The lines in the Code area above were created exclusively for THIS user.
If you are not THIS user, do not use them: they could damage your system.



Step 4: OTMoveIt3 (by OldTimer)
Right-click OTMoveIt3.exe then choose "Run as administrator" to launch the tool.
Open the file OTfichiers2.txt in Notepad.
Select all of its lines then press the Ctrl and C keys simultaneously

Go back to the OTMoveIt3 window, right-click in the pane on the left named "Paste Instructions for Items to be Moved" and choose Paste.

Click the MoveIt! button.
Wait for the tool to finish its work then close OTMoveIt3.
Note: A restart is sometimes necessary. If it is requested, click Oui/Yes


Step 5: Malwarebytes' Anti-Malware, cleanup
Close all open program windows.
Launch Malwarebytes' Anti-Malware via the Start Menu.
In the Settings tab, check that all the boxes are ticked except "Create a context-menu option to scan files (right-click)".
In the Update tab, click the Check for Updates button and install all the updates found.
In the Scanner tab, select the radio button in front of "Perform quick scan" then click the Scan button.
Wait, without doing anything else, for the scan to finish; in the window announcing the end of the scan, click OK; then click the "Show Results" button.

If harmful items were detected, click the "Remove Selected" button
Wait patiently, without doing anything else, for the cleanup to finish.
A restart is sometimes necessary. Accept.
A Notepad window opens to display the report. Close Notepad.
Click the "Exit" button to close Malwarebytes' Anti-Malware.


Step 6: Real-time monitoring processes
Important: Re-enable the antivirus's resident module.


Step 7: User Account Control, reactivation
Re-enable User Account Control (UAC).


Step 8: OTListIt (by OldTimer)
Delete the two files OTListIt.txt and Extras.txt present on the Desktop.
Close all open program windows.
Double-click OTListIt.exe to launch the tool.
Tick the box in front of Scan All Users.
Click the Run Scan button and let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing one of the two reports.
Close Notepad.
The second report is visible in the Taskbar. Close it as well.
Close the OTListIt window.


Step 9: Results
Send in reply:
*- the OTMoveIt3 report (contents of the file Drive\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[Drive represents the partition from which OTMoveIt3 was launched, usually C:]
*- the Malwarebytes' Anti-Malware log (contents of the file mbam-log-*-**-**** (**-**-**).txt located in the folder SystemDrive\Documents and Settings\<yourprofile>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs / *-**-**** (**-**-**) represents the date [month-day-year] and the time [hh-mn-ss])
[SystemDrive represents the partition on which the system is installed, usually C:]

Then send in reply, in two separate messages (because of the length of the logs):
*- the two OTListIt reports (contents of the files OTListIt.txt and Extras.txt located on the Desktop).

Important note: To send your reply (or replies), do not create a new topic; click the "Reply" button to continue in this discussion thread.

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
nickW
Moderator

Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France
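
Added example (not part of the original thread and not nickW's own method): a Python triage pass over OTListIt file-listing lines, run on lines copied from the log above. The two heuristics are assumptions chosen here (executables with no company name that share size and timestamp across folders; an .exe sitting in System32\drivers); on this log they single out the two files listed under :Files in the OTMoveIt3 script.

```python
import ntpath
import re
from collections import defaultdict

# Lines copied verbatim from the OTListIt file listings in the log above.
SAMPLE_LOG = r"""
[2008/10/10 08:49:35 | 00,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2008/10/10 08:49:35 | 00,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2008/10/06 23:17:07 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2008/09/10 00:04:02 | 00,038,528 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2008/09/07 17:13:37 | 00,086,016 | ---- | M] () -- C:\Windows\System32\drivers\cmstp.exe
[2008/09/07 17:13:37 | 00,086,016 | ---- | M] () -- C:\Users\Jean-Marc\AppData\Roaming\comrepl.exe
[2008/08/26 22:28:12 | 16,208,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
"""

# [timestamp | size | attributes | C(reated)/M(odified)] (company) -- path
# Directory entries carry no "(company)" field at all.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>[^)]*)\) )?-- (?P<path>.+)$"
)

# Extensions treated as executable code for triage (assumption of this example).
PE_EXTENSIONS = {".exe", ".dll", ".sys", ".ocx", ".cpl", ".scr"}


def parse_line(line):
    """Parse one listing line; return a dict, or None for headers and other text."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    path = m["path"]
    return {
        "timestamp": m["ts"],
        "size": int(m["size"].replace(",", "")),
        "attrs": m["attrs"],
        "kind": m["kind"],
        "company": (m["company"] or "").strip(),
        "is_dir": "D" in m["attrs"],
        "path": path,
        "ext": ntpath.splitext(path)[1].lower(),
    }


def triage(log_text):
    """Return {path: [reasons]} for entries worth a closer look. Not a verdict."""
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    # Executable files whose version info names no company.
    no_vendor = [
        e for e in entries
        if not e["is_dir"] and e["ext"] in PE_EXTENSIONS and not e["company"]
    ]
    findings = defaultdict(list)

    # Heuristic 1: the same binary dropped in several places shows up as
    # identical size and timestamp in different folders.
    twins = defaultdict(list)
    for e in no_vendor:
        twins[(e["size"], e["timestamp"])].append(e)
    for group in twins.values():
        folders = {ntpath.dirname(e["path"]).lower() for e in group}
        if len(folders) > 1:
            for e in group:
                findings[e["path"]].append(
                    "same size and timestamp as a no-company binary in another folder"
                )

    # Heuristic 2: System32\drivers normally holds .sys drivers, not .exe files.
    for e in no_vendor:
        folder = ntpath.dirname(e["path"]).lower()
        if e["ext"] == ".exe" and folder.endswith(r"\system32\drivers"):
            findings[e["path"]].append(".exe with no company name in System32\\drivers")

    return dict(findings)


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG).items():
        print(path)
        for reason in reasons:
            print("   -", reason)
```

Files with an empty company field are common in these listings (data files, shortcuts, some legitimate DLLs), so the output is a shortlist to check by hand, not a removal list.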

1st requested log

Message from JMS2 » 13 Oct 2008, 22:05

Good evening, I am sending you the requested files.

========== PROCESSES ==========
Unable to kill process: cmstp.exe
========== REGISTRY ==========
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"load"|"" /E : value set successfully!
Unable to set value : HKEY_USERS\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"load"|"" /E!
========== FILES ==========
File/Folder C:\Users\Jean-Marc\AppData\Roaming\comrepl.exe not found.
File/Folder C:\Windows\System32\drivers\cmstp.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\JEAN-M~1\AppData\Local\Temp\~DF94DB.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\ZLT05c38.TMP scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\ZLT05c3c.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10132008_222702

Files moved on Reboot...
C:\Users\JEAN-M~1\AppData\Local\Temp\~DF94DB.tmp moved successfully.
C:\Windows\temp\ZLT05c38.TMP moved successfully.
C:\Windows\temp\ZLT05c3c.TMP moved successfully.
JMS2

Posts: 13
Joined: 12 Oct 2008, 12:34

extras.txt

Message from JMS2 » 13 Oct 2008, 22:06

OTListIt Extras logfile created on: 13/10/2008 22:58:02 - Run 6
OTListIt by OldTimer - Version 1.0.7.0 Folder = C:\Users\Jean-Marc\Desktop
Windows Vista (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1013,50 Mb Total Physical Memory | 291,75 Mb Available Physical Memory | 28,79% Memory free
2,23 Gb Paging File | 1,30 Gb Available in Paging File | 58,35% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,62 Gb Total Space | 11,31 Gb Free Space | 10,61% Space Free | Partition Type: NTFS
Drive D: | 5,16 Gb Total Space | 1,22 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 968,25 Mb Total Space | 681,83 Mb Free Space | 70,42% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-JEAN-MARC
Current User Name: Jean-Marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 60 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Programmes\Internet Explorer\iexplore.exe File not found
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}" = HP Wireless Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08783603-FFD0-479c-9160-E2FA46E62883}" = Mise à niveau de Works
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}" = Complément Microsoft Word pour Microsoft Works Suite
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}" = Adobe Flash Video Encoder
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{38D95956-E92C-4473-904B-CD877EA04410}" = Philips SPC210NC Webcam
"{3FBD76E5-E422-11D5-B8D1-000102A5FE5B}" = Dictionnaire des prénoms
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.0
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{5CA81D12-9EC2-4082-972B-43ECA63F41F2}" = HP Pavilion Webcam Driver for Vista v061.001.00006
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{633A27AE-C1C4-48E7-85D4-3C34994B5331}" = Yooda Map
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80FD3971-8482-49C8-BA8C-B6464A15882F}" = Adobe Flash CS3
"{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F}" = Adobe Setup
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{911B040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91DBD16F-BA92-4B2E-A65A-56DB3EE67AC4}" = HP User Guide 0052
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6694BAA-7604-46AA-A41F-B5F1E6DADE7A}" = OpenOffice.org 2.4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E18162-47FB-4216-8AB3-F420C1AF75A4}" = Adobe Setup
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe_32e9033392a51340b32fdc6ad893ab7" = Adobe Photoshop CS3
"Adobe_ad19d2ae8332572b119cf35fd0a30d8" = Adobe Dreamweaver CS3
"Adobe_b2b4b1546e74314f8131ded43e4bd9d" = Adobe Flash CS3 Professional
"Asterisk Key" = Asterisk Key 8.3
"AVG8Uninstall" = AVG Free 8.0
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_AK_SH_VI_VEN_14F1&DEV_5045" = HDAUDIO Soft Data Fax Modem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 2.7
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Kit USB TELIUM 1.0_is1" = Kit USB TELIUM 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (2.0.0.16)" = Mozilla Firefox (2.0.0.16)
"Neuf_Kit" = Neuf - Kit de connexion
"Notepad++" = Notepad++
"Picasa2" = Picasa 2
"PROR" = Version d'évaluation de Microsoft Office Professional 2007
"Shockwave" = Shockwave
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SYSTAT 9" = SYSTAT 9
"TIMELEFT3_is1" = TimeLeft
"WinAce Archiver" = WinAce Archiver
"WinRAR archiver" = Archiveur WinRAR
"Works2005Setup" = Sélecteur d'installation de Microsoft Works 2005
"YInstHelper" = Yahoo! Install Manager
"ZoneAlarm" = ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06/10/2008 17:38:08 | Computer Name = PC-de-Jean-Marc | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6000.16711, horodatage
0x486445ce, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc0000005, décalage d’erreur 0x0003b15f, ID du processus 0xc3c,
heure de début de l’application 0x01c927f98b7e4b93.

Error - 09/10/2008 11:50:04 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 10/10/2008 15:58:57 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 10/10/2008 17:48:40 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 11/10/2008 04:00:28 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 11/10/2008 06:03:57 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme OTListIt.exe version 1.0.7.0 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : efc Heure de
début : 01c92b8865b01b2e Heure de fin : 0

Error - 11/10/2008 17:30:52 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme GLB6ADB.tmp version 7.1.254.0 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : 1150 Heure
de début : 01c92be8023415b0 Heure de fin : 4

Error - 13/10/2008 15:23:27 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme mbam.exe version 1.28.0.0 a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans l’application Rapports et solutions aux
problèmes du Panneau de configuration. ID de processus : 1d8 Heure de début : 01c92d6153224675
Heure
de fin : 758

Error - 13/10/2008 15:50:03 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 13/10/2008 16:01:50 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

[ Media Center Events ]
Error - 18/04/2008 04:48:28 | Computer Name = PC-de-Jean-Marc | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

[ System Events ]
Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:56:37 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:57:06 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:58:02 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:58:18 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.


<End>
JMS2
 
Posts: 13
Joined: 12 Oct 2008, 12:34

2nd file

Post by JMS2 » 13 Oct 2008, 22:10

One virus detected
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1266
Windows 6.0.6000

13/10/2008 22:40:06
mbam-log-2008-10-13 (22-40-02).txt

Type de recherche: Examen rapide
Eléments examinés: 45876
Temps écoulé: 3 minute(s), 39 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Jean-Marc\AppData\Roaming\Microsoft\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.
JMS2
 
Posts: 13
Joined: 12 Oct 2008, 12:34

extras.txt

Post by JMS2 » 13 Oct 2008, 22:11

OTListIt Extras logfile created on: 13/10/2008 22:58:02 - Run 6
OTListIt by OldTimer - Version 1.0.7.0 Folder = C:\Users\Jean-Marc\Desktop
Windows Vista (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1013,50 Mb Total Physical Memory | 291,75 Mb Available Physical Memory | 28,79% Memory free
2,23 Gb Paging File | 1,30 Gb Available in Paging File | 58,35% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,62 Gb Total Space | 11,31 Gb Free Space | 10,61% Space Free | Partition Type: NTFS
Drive D: | 5,16 Gb Total Space | 1,22 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 968,25 Mb Total Space | 681,83 Mb Free Space | 70,42% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-JEAN-MARC
Current User Name: Jean-Marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 60 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Programmes\Internet Explorer\iexplore.exe File not found
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}" = HP Wireless Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08783603-FFD0-479c-9160-E2FA46E62883}" = Mise à niveau de Works
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}" = Complément Microsoft Word pour Microsoft Works Suite
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}" = Adobe Flash Video Encoder
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{38D95956-E92C-4473-904B-CD877EA04410}" = Philips SPC210NC Webcam
"{3FBD76E5-E422-11D5-B8D1-000102A5FE5B}" = Dictionnaire des prénoms
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.0
"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{5CA81D12-9EC2-4082-972B-43ECA63F41F2}" = HP Pavilion Webcam Driver for Vista v061.001.00006
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{633A27AE-C1C4-48E7-85D4-3C34994B5331}" = Yooda Map
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80FD3971-8482-49C8-BA8C-B6464A15882F}" = Adobe Flash CS3
"{82503EA7-7E08-4AA8-90E9-BE4D0A6D453F}" = Adobe Setup
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}" = Adobe Flash Player 9 Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROR_{A0353900-21A2-42CF-B973-883500A027F7}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROR_{5A2F65A4-808F-4A1E-973E-92E17824982D}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROR_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROR_{EC50B538-CBE1-42E6-B7FE-87AA540AADFB}" = Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{911B040C-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{91DBD16F-BA92-4B2E-A65A-56DB3EE67AC4}" = HP User Guide 0052
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6694BAA-7604-46AA-A41F-B5F1E6DADE7A}" = OpenOffice.org 2.4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BF794769-8875-4E01-B7BE-E00104604F4A}" = Adobe Photoshop CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2E18162-47FB-4216-8AB3-F420C1AF75A4}" = Adobe Setup
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe_32e9033392a51340b32fdc6ad893ab7" = Adobe Photoshop CS3
"Adobe_ad19d2ae8332572b119cf35fd0a30d8" = Adobe Dreamweaver CS3
"Adobe_b2b4b1546e74314f8131ded43e4bd9d" = Adobe Flash CS3 Professional
"Asterisk Key" = Asterisk Key 8.3
"AVG8Uninstall" = AVG Free 8.0
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_AK_SH_VI_VEN_14F1&DEV_5045" = HDAUDIO Soft Data Fax Modem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 2.7
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Kit USB TELIUM 1.0_is1" = Kit USB TELIUM 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (2.0.0.16)" = Mozilla Firefox (2.0.0.16)
"Neuf_Kit" = Neuf - Kit de connexion
"Notepad++" = Notepad++
"Picasa2" = Picasa 2
"PROR" = Version d'évaluation de Microsoft Office Professional 2007
"Shockwave" = Shockwave
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SYSTAT 9" = SYSTAT 9
"TIMELEFT3_is1" = TimeLeft
"WinAce Archiver" = WinAce Archiver
"WinRAR archiver" = Archiveur WinRAR
"Works2005Setup" = Sélecteur d'installation de Microsoft Works 2005
"YInstHelper" = Yahoo! Install Manager
"ZoneAlarm" = ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 06/10/2008 17:38:08 | Computer Name = PC-de-Jean-Marc | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6000.16711, horodatage
0x486445ce, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9,
code d’exception 0xc0000005, décalage d’erreur 0x0003b15f, ID du processus 0xc3c,
heure de début de l’application 0x01c927f98b7e4b93.

Error - 09/10/2008 11:50:04 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 10/10/2008 15:58:57 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 10/10/2008 17:48:40 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 11/10/2008 04:00:28 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 11/10/2008 06:03:57 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme OTListIt.exe version 1.0.7.0 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : efc Heure de
début : 01c92b8865b01b2e Heure de fin : 0

Error - 11/10/2008 17:30:52 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme GLB6ADB.tmp version 7.1.254.0 a cessé d’interagir avec
Windows et a été fermé. Pour déterminer si des informations supplémentaires sont
disponibles, consultez l’historique du problème dans l’application Rapports et
solutions aux problèmes du Panneau de configuration. ID de processus : 1150 Heure
de début : 01c92be8023415b0 Heure de fin : 4

Error - 13/10/2008 15:23:27 | Computer Name = PC-de-Jean-Marc | Source = Application Hang | ID = 1002
Description = Le programme mbam.exe version 1.28.0.0 a cessé d’interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l’historique du problème dans l’application Rapports et solutions aux
problèmes du Panneau de configuration. ID de processus : 1d8 Heure de début : 01c92d6153224675
Heure
de fin : 758

Error - 13/10/2008 15:50:03 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

Error - 13/10/2008 16:01:50 | Computer Name = PC-de-Jean-Marc | Source = EventSystem | ID = 4609
Description =

[ Media Center Events ]
Error - 18/04/2008 04:48:28 | Computer Name = PC-de-Jean-Marc | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete : échec du téléchargement du package
MCESpotlight.

[ System Events ]
Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:52:41 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:56:37 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:57:06 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:58:02 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.

Error - 13/10/2008 16:58:18 | Computer Name = PC-de-Jean-Marc | Source = cdrom | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\CdRom0.


<End>
JMS2
 
Posts: 13
Joined: 12 Oct 2008, 12:34

Last file

Post by JMS2 » 13 Oct 2008, 22:13

OTListIt logfile created on: 13/10/2008 22:58:02 - Run 6
OTListIt by OldTimer - Version 1.0.7.0 Folder = C:\Users\Jean-Marc\Desktop
Windows Vista (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16711)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1013,50 Mb Total Physical Memory | 291,75 Mb Available Physical Memory | 28,79% Memory free
2,23 Gb Paging File | 1,30 Gb Available in Paging File | 58,35% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 106,62 Gb Total Space | 11,31 Gb Free Space | 10,61% Space Free | Partition Type: NTFS
Drive D: | 5,16 Gb Total Space | 1,22 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 968,25 Mb Total Space | 681,83 Mb Free Space | 70,42% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-JEAN-MARC
Current User Name: Jean-Marc
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 60 Days

========== Processes ==========

[2006/11/02 11:45:57 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2006/11/02 11:45:21 | 00,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2007/07/16 06:53:49 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2008/03/03 15:05:02 | 00,079,400 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
[2006/11/02 11:45:04 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2008/10/10 08:50:29 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/10/06 23:17:07 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2006/11/24 16:34:16 | 00,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
[2006/10/19 14:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
[2006/08/04 03:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
[2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
[2006/11/02 11:46:02 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
[2006/11/24 16:34:20 | 00,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
[2008/10/06 23:17:10 | 00,287,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgrsx.exe
[2008/10/06 23:17:09 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe
[2006/11/02 11:45:48 | 00,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2007/04/11 23:08:42 | 01,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
[2006/11/15 08:02:46 | 00,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2006/11/05 19:02:32 | 00,098,304 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
[2006/11/05 19:05:32 | 00,106,496 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
[2006/11/05 19:02:18 | 00,081,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
[2006/11/06 11:58:18 | 00,159,744 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[2006/10/18 10:56:54 | 00,317,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
[2006/10/18 10:32:36 | 00,472,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
[2008/10/01 18:57:12 | 00,289,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2008/10/06 23:17:09 | 01,234,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
[2008/03/03 15:05:04 | 00,959,976 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[2006/11/02 11:46:00 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2006/05/10 13:24:34 | 00,278,528 | ---- | M] () -- C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
[2006/11/02 14:34:48 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
[2006/11/02 11:24:10 | 00,491,606 | ---- | M] () -- C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
[2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2006/12/04 13:35:32 | 00,058,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
[2008/07/19 07:10:40 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2008/02/14 20:38:01 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
[2008/06/27 05:54:09 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEUser.exe
[2008/06/27 05:54:09 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2006/11/02 14:34:43 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
[2006/11/02 14:34:44 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
[2008/10/11 12:00:16 | 00,416,768 | ---- | M] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTListIt.exe

========== (O23) Win32 Services ==========

[2008/10/10 08:50:29 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2006/06/26 10:50:08 | 00,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr [On_Demand | Stopped])
[2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2008/10/06 23:17:09 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
[2008/10/06 23:17:07 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (CertPropSvc [Unknown | Stopped])
[2006/11/24 16:34:16 | 00,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
[2006/11/02 08:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2006/11/24 16:34:20 | 00,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (DcomLaunch [Unknown | Running])
[2006/11/02 14:36:25 | 02,089,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfsr.exe -- (DFSR [On_Demand | Stopped])
[2007/08/30 07:22:17 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Running])
[2006/11/02 14:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr [On_Demand | Stopped])
[2006/11/02 14:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
[2008/09/08 20:14:24 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2006/11/02 14:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
[2006/11/02 11:46:05 | 00,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [Unknown | Running])
[2007/04/11 23:02:51 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2006/12/04 13:35:32 | 00,058,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Auto | Running])
[2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
[2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
File not found -- %systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
[2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2006/10/19 14:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2006/11/02 15:04:14 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2006/11/02 14:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
[2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2006/11/06 14:31:14 | 00,887,544 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Stopped])
[2006/11/02 11:46:12 | 00,545,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll -- (RpcSs [Unknown | Running])
[2006/11/02 11:46:12 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr [Unknown | Stopped])
File not found -- %systemroot%\system32\svchost.exe -- (Schedule [Unknown | Running])
File not found -- %SystemRoot%\system32\svchost.exe -- (SCPolicySvc [Unknown | Stopped])
[2007/07/16 06:53:49 | 02,605,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 11:45:46 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
[2006/11/01 12:17:32 | 00,073,728 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
File not found -- %SystemRoot%\servicing\TrustedInstaller.exe -- (TrustedInstaller [Unknown | Running])
[2006/11/02 11:45:50 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
[2006/11/02 11:45:50 | 00,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
[2008/03/03 15:05:02 | 00,079,400 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon [Auto | Running])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiServiceHost [Unknown | Stopped])
File not found -- %SystemRoot%\System32\svchost.exe -- (WdiSystemHost [Unknown | Running])
File not found -- %ProgramFiles%\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[2006/11/02 14:34:46 | 00,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Auto | Running])
[2006/08/04 03:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService [Auto | Running])

========== Driver Services ==========

[2006/11/02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2006/11/02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2006/11/02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2006/11/02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2006/11/02 11:49:59 | 00,054,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2006/11/02 11:49:26 | 00,015,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2006/11/02 10:30:18 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
[2008/10/06 23:17:28 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
[2008/10/06 23:17:26 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
[2008/10/06 23:17:34 | 00,069,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys -- (AvgWfpX [On_Demand | Running])
[2006/11/02 09:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV [On_Demand | Stopped])
File not found -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive [Disabled | Stopped])
[2006/11/02 10:31:12 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [On_Demand | Stopped])
[2006/11/02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2006/11/02 10:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2006/11/02 10:55:08 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])
File not found -- -- (CLFS [Unknown | Running])
[2006/11/02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2006/11/02 11:49:43 | 00,022,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2006/11/02 10:30:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2006/11/02 10:31:04 | 00,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2007/08/30 07:22:17 | 00,619,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2006/11/02 09:30:54 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e100b325.sys -- (E100B [On_Demand | Running])
[2006/11/02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2006/06/28 10:57:00 | 00,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr [System | Running])
[2006/11/02 14:34:35 | 00,132,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2006/11/02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2006/11/02 11:49:58 | 00,056,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2006/11/02 10:32:55 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2006/11/02 11:50:04 | 00,058,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2006/06/28 10:54:00 | 00,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey [On_Demand | Running])
[2006/11/18 03:52:54 | 00,145,920 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService [On_Demand | Running])
[2007/07/16 06:53:06 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 10:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 10:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2006/11/02 09:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
[2006/10/17 21:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
[2006/10/17 21:08:14 | 00,206,848 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
[2006/11/05 20:29:14 | 01,473,024 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm [On_Demand | Stopped])
[2006/11/02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])
[2006/11/05 20:29:14 | 01,473,024 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx [On_Demand | Running])
[2006/11/02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
File not found -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp [On_Demand | Stopped])
[2006/11/02 10:42:03 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2006/11/02 11:51:12 | 00,168,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt [On_Demand | Running])
[2006/11/02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2008/02/14 20:38:00 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2006/11/02 10:56:49 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2006/11/02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2006/11/02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2006/11/02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2006/11/02 10:33:07 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Auto | Running])
[2006/06/19 00:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2006/11/02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2007/12/16 11:56:45 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2006/11/02 11:50:16 | 00,078,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2007/07/16 06:55:59 | 00,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2006/11/02 10:31:27 | 00,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2007/12/13 08:46:22 | 00,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2008/02/14 20:33:55 | 00,025,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Boot | Running])
[2006/11/02 11:50:17 | 00,080,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2006/11/02 11:49:20 | 00,013,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2006/11/02 11:51:09 | 00,160,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2008/02/14 20:33:54 | 00,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])
[2006/11/09 11:02:30 | 01,786,880 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32 [On_Demand | Running])
[2006/11/02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2006/11/02 10:57:30 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2006/11/02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2006/11/02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2006/11/02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2006/11/02 11:50:40 | 00,106,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd [On_Demand | Stopped])
[2006/11/02 11:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2007/08/30 07:22:18 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2008/02/23 04:38:33 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2006/11/02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
[2006/11/02 14:34:31 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2006/11/02 11:02:01 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD [System | Running])
[2006/11/15 03:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk [Auto | Running])
[2006/11/14 22:42:46 | 00,043,520 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk [Auto | Running])
[2006/11/14 20:35:20 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp [Auto | Running])
[2006/11/02 10:56:49 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2006/11/02 11:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2007/06/14 07:35:14 | 00,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2006/11/02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2008/02/14 20:38:00 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2007/06/14 07:35:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [On_Demand | Running])
[2006/11/02 10:51:40 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2007/06/14 07:35:14 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Running])
[2006/11/02 11:49:51 | 00,053,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])
[2006/11/02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2006/11/02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2006/11/02 10:57:10 | 00,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2006/11/02 11:49:35 | 00,018,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2007/12/13 08:46:21 | 00,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2007/12/13 08:46:21 | 00,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2006/11/02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2006/11/15 08:24:00 | 00,179,256 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2006/11/02 10:57:47 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2006/11/02 10:57:35 | 00,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2006/11/02 11:02:07 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv [On_Demand | Stopped])
[2007/07/16 06:55:58 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2007/07/16 06:55:58 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Stopped])
[2006/11/02 11:49:59 | 00,056,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])
File not found -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys [Disabled | Stopped])
[2006/11/02 11:50:04 | 00,058,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2006/11/02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2006/11/02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2006/11/02 10:55:24 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2008/10/01 13:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2006/11/02 10:55:09 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir [Disabled | Stopped])
[2006/11/02 10:55:20 | 00,132,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo [On_Demand | Running])
[2006/11/02 10:53:56 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2006/11/02 10:30:19 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2006/11/02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2006/11/02 11:50:24 | 00,050,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2006/11/02 11:51:30 | 00,290,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2008/03/03 15:06:04 | 00,279,440 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant [System | Running])
[2006/11/02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 10:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2006/11/02 11:49:38 | 00,019,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2008/02/14 20:38:01 | 00,495,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2006/10/17 21:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
[2007/11/14 08:21:26 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [On_Demand | Running])
[2006/11/02 10:58:26 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [Disabled | Stopped])
[2006/08/04 03:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio [Auto | Running])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://fr.search.yahoo.com/search?ei=UTF-8&fr=yie7c&p={searchTerms}
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key does not exist or could not be opened. File not found
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://fr.search.yahoo.com/search?ei=UTF-8&fr=yie7c&p={searchTerms}
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key does not exist or could not be opened. File not found
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\S-1-5-21-1097869764-2982508946-2388530856-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\S-1-5-21-1097869764-2982508946-2388530856-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

O1 HOSTS File: (266075 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 9217 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmes\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmes\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmes\Java\jre1.6.0_03\bin\ssv.dll File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe File not found
O4 - HKLM..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start File not found
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime File not found
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe File not found
O4 - HKLM..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe File not found
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide File not found
O4 - HKLM..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" File not found
O4 - HKCU..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO File not found
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem File not found
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation)
O4 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO File not found
O4 - HKLM..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe (soft thinks)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0



O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmes\Java\jre1.6.0_03\bin\npjpi160_03.dll File not found
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmes\Microsoft Office\Office12\REFIEBAR.DLL File not found
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1097869764-2982508946-2388530856-1000\..Trusted Sites: 45 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://webscanner.kaspersky.fr/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resourc ... oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2005 ... scan53.cab (HouseCall Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key does not exist or could not be opened.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O18 - Protocol\Handler: - cdo - C:\Programmes\Common Files\microsoft shared\Web Folders\PKMCDO.DLL File not found
O18 - Protocol\Handler: - linkscanner - C:\Programmes\AVG\AVG8\avgpp.dll File not found
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler: - msdaipp\oledb - C:\Programmes\Common Files\System\Ole DB\MSDAIPP.DLL File not found
O18 - Protocol\Handler: - ms-help - C:\Programmes\Common Files\microsoft shared\Help\hxds.dll File not found
O18 - Protocol\Handler: - ms-itss - C:\Programmes\Common Files\microsoft shared\Information Retrieval\msitss.dll File not found
O18 - Protocol\Handler: - skype4com - C:\Programmes\Common Files\Skype\Skype4COM.dll File not found
O18 - Protocol\Filter: - text/xml - C:\Programmes\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL File not found
O20 - See sections below for AppInitDlls and Winlogon settings

========== AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls" = avgrsstx.dll
>[2008/10/06 23:17:37 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
igfxcui: "DllName" = igfxdev.dll -- C:\Windows\System32\igfxdev.dll (Intel Corporation)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders" = credssp.dll
>[2006/11/02 11:46:03 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages" = kerberos,msv1_0,schannel,wdigest,tspkg,
>[2006/11/02 11:46:13 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 23:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

AUTOMODE [@echo off | IF EXIST C:\ST_RP\MANUALMODE ECHO MANUAL BATCH MODE ALREADY SET ! | IF NOT EXIST C:\ST_RP\MANUALMODE ECHO SET TO MANUAL BATCH EXECUTION ! | IF NOT EXIST C:\ST_RP\MANUALMODE IF EXIST C:\ST_RP\AUTOMODE DEL C:\ST_RP\AUTOMODE /F > NUL | IF NOT EXIST C:\ST_RP\MANUALMODE COPY C:\ST_RP\SET_AUTO_MODE.CMD C:\ST_RP\MANUALMODE > NUL | ECHO. | ]
[2005/09/11 17:18:54 | 00,000,340 | -HS- | M] () -- D:\AUTOMODE -- [ NTFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{154bf7e3-eb45-11db-b4dc-0016d394390f}\Shell\AutoRun\command]
"" = F:\.\MigWiz\migsetup.exe -- File not found

========== Files/Folders - Created Within 60 Days ==========

[1 C:\Windows\System32\drivers\*.tmp files]
[2008/10/13 22:28:16 | 02,579,766 | -H-- | C] () -- C:\Users\Jean-Marc\AppData\Local\IconCache.db
[2008/10/12 11:54:12 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/10/12 11:46:55 | 00,334,848 | ---- | C] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTMoveIt3.exe
[2008/10/12 11:45:58 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2008/10/12 11:43:09 | 00,005,024 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\erunt-loc_fr.zip
[2008/10/12 11:42:24 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Jean-Marc\Desktop\erunt-setup.exe
[2008/10/11 23:46:33 | 00,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/11 23:35:34 | 00,005,571 | ---- | C] () -- C:\Windows\System32\vsconfig.xml
[2008/10/11 23:35:32 | 00,054,672 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc040c.dll
[2008/10/11 23:35:00 | 01,086,952 | ---- | C] (Python Software Foundation) -- C:\Windows\System32\zpeng24.dll
[2008/10/11 23:34:58 | 00,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2008/10/11 23:34:57 | 00,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2008/10/11 23:27:15 | 00,352,615 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2008/10/11 23:27:15 | 00,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2008/10/11 23:26:24 | 00,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2008/10/11 15:29:47 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2008/10/11 11:59:51 | 00,416,768 | ---- | C] (OldTimer Tools) -- C:\Users\Jean-Marc\Desktop\OTListIt.exe
[2008/10/10 23:49:27 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/10/10 22:55:56 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jean-Marc\Desktop\HFI.exe
[2008/10/10 22:42:40 | 00,017,200 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2008/10/10 22:42:40 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/10 22:42:39 | 00,038,528 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2008/10/10 22:40:17 | 02,189,864 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jean-Marc\Desktop\mbam-setup.exe
[2008/10/10 21:55:49 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Roaming\Malwarebytes
[2008/10/10 21:55:43 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2008/10/10 21:55:43 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/10/10 21:25:50 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Desktop\backups
[2008/10/10 21:10:39 | 00,316,322 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\hijackthis.zip
[2008/10/10 20:16:56 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2008/10/10 15:15:22 | 00,007,285 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Virus w32generic trojan backdoor.url:favicon
[2008/10/10 08:49:35 | 00,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2008/10/10 08:49:35 | 00,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2008/10/10 08:49:23 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2008/10/10 08:49:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2008/10/10 08:45:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2008/10/10 08:22:24 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2008/10/10 08:22:24 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/10/10 08:00:07 | 00,000,268 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url
@Alternate Data Stream - 1150 bytes -> C:\Users\Jean-Marc\Desktop\Assiste.Forums Voir le Forum - Logs HijackThis (Demandes d'analyse de logs).url:favicon
[2008/10/09 17:27:43 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
[2008/10/08 22:00:49 | 00,000,938 | ---- | C] () -- C:\Windows\System32\map1.xml
[2008/10/08 21:57:54 | 00,002,541 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\YoodaMap.lnk
[2008/10/08 21:57:53 | 00,000,000 | ---D | C] -- C:\Program Files\Yooda
[2008/10/08 08:33:01 | 00,059,722 | ---- | C] () -- C:\Users\Jean-Marc\Documents\cc_20081008_083259.reg
[2008/10/08 08:10:30 | 00,001,670 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\CCleaner.lnk
[2008/10/08 08:10:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2008/10/07 07:57:56 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2008/10/06 23:17:39 | 00,001,647 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 8.0.lnk
[2008/10/06 23:17:37 | 00,010,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2008/10/06 23:17:34 | 00,069,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgwfpx.sys
[2008/10/06 23:17:28 | 00,097,928 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2008/10/06 23:17:26 | 28,732,166 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2008/10/06 23:17:26 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2008/10/06 23:17:26 | 00,307,238 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2008/10/06 23:17:26 | 00,068,419 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2008/10/06 23:17:26 | 00,026,824 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2008/10/06 23:17:26 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2008/10/06 23:17:07 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2008/10/06 23:17:06 | 00,000,000 | ---D | C] -- C:\ProgramData\avg8
[2008/10/06 14:51:51 | 00,507,904 | ---- | C] (Trend Micro Inc.) -- C:\Windows\TMUPDATE.DLL
[2008/10/06 14:51:51 | 00,286,720 | ---- | C] (Trend Micro Inc.) -- C:\Windows\PATCH.EXE
[2008/10/06 14:51:51 | 00,069,689 | ---- | C] (Trend Micro Inc.) -- C:\Windows\UNZIP.DLL
[2008/10/06 00:48:40 | 00,000,000 | ---D | C] -- C:\Program Files\Techlogg.com ToneShop
[2008/10/06 00:48:00 | 04,198,049 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\toneshop_toneshop_build_25_anglais_240024.exe
[2008/10/05 23:16:34 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity
[2008/10/04 19:16:18 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2008/10/04 19:15:34 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2008/10/04 19:15:29 | 00,000,000 | ---D | C] -- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/10/04 19:15:29 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2008/10/04 19:05:12 | 00,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2008/10/04 19:04:37 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2008/10/04 10:32:43 | 00,002,834 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie.ste
[2008/10/04 10:30:58 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie
[2008/09/27 22:35:05 | 00,096,076 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\plan 2a.png
[2008/09/27 22:11:42 | 00,046,245 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\plan 2.png
[2008/09/27 22:06:50 | 00,047,063 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\plan.png
[2008/09/25 06:29:07 | 00,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2008/09/21 15:24:45 | 00,034,999 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\https___recharge.sfr.fr_webwapclient_026_sf_reloadPrepare.pdf
[2008/09/20 18:49:04 | 00,027,648 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.doc
[2008/09/20 15:14:27 | 00,012,471 | ---- | C] () -- C:\Users\Jean-Marc\Documents\Ordonnanciers JMS.docx
[2008/09/20 11:25:16 | 00,000,000 | ---D | C] -- C:\Program Files\FreeUndelete
[2008/09/20 09:28:32 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2008/09/20 09:28:00 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDERUN.DLL
[2008/09/20 09:28:00 | 00,081,920 | ---- | C] (Data Dynamics) -- C:\Windows\System32\rtfexpt.dll
[2008/09/20 09:27:59 | 00,232,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDATLST.OCX
[2008/09/20 09:27:59 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSBIND.DLL
[2008/09/20 09:27:58 | 01,012,224 | R--- | C] (Data Dynamics) -- C:\Windows\System32\actrpt.dll
[2008/09/20 09:27:58 | 00,302,256 | ---- | C] (Data Dynamics) -- C:\Windows\System32\arviewer.ocx
[2008/09/20 09:27:58 | 00,118,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSADODC.OCX
[2008/09/20 09:27:58 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\STDFTFR.DLL
[2008/09/20 09:27:57 | 00,016,384 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\ADODCFR.DLL
[2008/09/20 09:27:56 | 00,030,720 | R--- | C] (Microsoft Corporation) -- C:\Windows\System32\DATLSFR.DLL
[2008/09/20 09:27:42 | 00,074,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrclr40.dll
[2008/09/20 09:27:40 | 00,028,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrecr40.dll
[2008/09/20 09:27:31 | 00,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB5DB.DLL
[2008/09/20 09:27:24 | 00,032,768 | R--- | C] () -- C:\Windows\System32\mautils.dll
[2008/09/20 09:27:23 | 00,063,488 | R--- | C] () -- C:\Windows\System32\Eztw32.dll
[2008/09/20 09:27:23 | 00,000,000 | ---D | C] -- C:\Program Files\Micro Application
[2008/09/15 22:31:17 | 00,169,297 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\deontologiemedicalesurleweb2008.pdf
[2008/09/14 11:45:16 | 00,043,324 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 4.pdf
[2008/09/14 11:42:39 | 00,044,014 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 3.pdf
[2008/09/14 11:39:08 | 00,043,982 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca 2.pdf
[2008/09/14 11:36:21 | 00,043,665 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\http___www.salonreeduca.pdf
[2008/09/13 14:52:42 | 00,025,806 | ---- | C] () -- C:\Users\Jean-Marc\Documents\https___commander.1and1.pdf
[2008/09/11 14:54:19 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008/09/10 14:38:23 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Cabinet de Kinésithérapie2
[2008/09/10 14:37:57 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Site sans nom 2
[2008/09/10 12:11:21 | 00,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\NPSWF32_FlashUtil.exe
[2008/09/10 12:11:20 | 02,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/09/10 11:35:28 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\Version Cue
[2008/09/10 11:35:14 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\Documents\AdobeStockPhotos
[2008/09/10 11:22:15 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2008/09/10 11:22:09 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2008/09/10 11:22:00 | 04,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2008/09/10 11:21:07 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2008/09/09 11:06:01 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Local\WindowsUpdate
[2008/09/09 01:07:06 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2008/09/09 01:05:45 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2008/09/09 01:05:45 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2008/09/09 00:59:02 | 00,000,000 | RH-D | C] -- C:\MSOCache
[2008/09/09 00:43:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2008/09/09 00:28:59 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Local\Microsoft Help
[2008/09/09 00:28:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2008/09/08 22:12:23 | 00,000,131 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\omar-loldz.com-tuto.jpg.url
[2008/09/08 21:58:52 | 00,000,000 | ---D | C] -- C:\Windows\System32\Kaspersky Lab
[2008/09/08 20:37:18 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/09/08 20:14:22 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2008/09/08 17:32:21 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Roaming\WinRAR
[2008/09/08 17:32:14 | 00,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2008/09/07 17:12:50 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2008/09/06 20:38:08 | 00,235,885 | ---- | C] () -- C:\Users\Jean-Marc\Documents\a.jpg
[2008/09/05 23:10:16 | 00,000,179 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Apprenez à créer votre site web ! - Site Web - Les tutoriels#part_13663.url
[2008/09/05 17:41:09 | 00,000,816 | ---- | C] () -- C:\Users\Jean-Marc\Desktop\Notepad++.lnk
[2008/09/05 17:41:06 | 00,000,000 | ---D | C] -- C:\Users\Jean-Marc\AppData\Roaming\Notepad++
[2008/09/05 17:41:06 | 00,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2008/08/31 15:40:46 | 00,025,088 | ---- | C] () -- C:\Users\Jean-Marc\Documents\RESILIATION EUROMUT.doc
[2008/08/27 19:30:41 | 00,045,568 | ---- | C] () -- C:\Users\Jean-Marc\Documents\An%20unusual%20presentation%20of%20peripartum%20cardiomyopathy[1].doc
[2008/08/25 20:04:40 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4
[2008/08/25 20:01:22 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 2.4 (fr) Installation Files
[2008/08/21 18:14:13 | 01,811,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2008/08/21 18:14:13 | 01,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2008/08/21 18:14:13 | 00,053,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2008/08/21 18:14:13 | 00,045,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2008/08/21 18:13:24 | 00,563,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2008/08/21 18:13:24 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2008/08/21 18:13:24 | 00,036,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2008/08/21 18:13:05
JMS2
 
Posts: 13
Joined: 12 Oct 2008, 12:34
