Minimally infected by Brastk.exe


Post by nickW » 27 Oct 2008, 01:44

Good evening,

Next part of the cleanup:

Step 1: OTMoveIt3 (by OldTimer)
Download OTMoveIt3 by right-clicking the link below:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
Save the file to the Desktop.

Open a Notepad window via Start ----> Run, type notepad, then click OK.
Select all the lines in the white area located under "Code:" below, then press the Ctrl and C keys simultaneously.
Code:
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=""

:Files
C:\WINDOWS\System32\karna.dat
C:\WINDOWS\sodegis.db
C:\WINDOWS\mujuruvap.reg
C:\WINDOWS\ejuhubada.dl
C:\WINDOWS\aqakykyxit.db
C:\WINDOWS\icikygite.inf
C:\WINDOWS\System32\TDSSmtyl.dat
C:\WINDOWS\system32\drivers\svchost.exe

:Commands
[emptytemp]



Go back to the Notepad window, right-click inside the window and choose Paste.
Check in the Format menu (at the top) that "Word Wrap" is not active (not ticked).
Save the file under the name OTfichiers.txt
Close Notepad.
Note: The lines in the Code area above were created exclusively for THIS user.
If you are not THIS user, do not use them: they could damage your system.



Step 2: OTMoveIt3 (by OldTimer)
Double-click OTMoveIt3.exe to launch the tool.
Open the file OTfichiers.txt in Notepad.
Select all of its lines, then press the Ctrl and C keys simultaneously.

Go back to the OTMoveIt3 window, right-click in the pane on the left named "Paste Instructions for Items to be Moved" and choose Paste.

Click the MoveIt! button.
Wait for the tool to finish its work, then close OTMoveIt3.
Note: A restart is sometimes necessary. If one is requested, click Oui/Yes


Step 3: OTListIt (by OldTimer)
The PC must be in normal mode.
Close all open program windows.
Delete the two files OTListIt.txt and Extras.txt present on the Desktop.
Double-click OTListIt.exe to launch the tool.
Tick the box in front of Scan All Users.
Click the Run Scan button and let the tool work without interrupting it.
When the tool has finished, a Notepad window opens containing one of the two reports.
Close Notepad.
The second report is visible in the Taskbar. Close it as well.
Close the OTListIt window.


Step 4: Results
Send in reply:
*- the OTMoveIt3 report (contents of the file Drive\_OTMoveIt\MovedFiles\********_******.log - the *** are digits representing the date [monthdayyear] and the time)
[Drive stands for the partition from which OTMoveIt3 was launched, generally C:]

Then send in reply, in a separate message (because of the length of the log):
*- the main OTListIt report (contents of the file OTListIt.txt located on the Desktop).

Important note: To send your reply (or replies), do not create a new topic; click the "Reply" button to continue in this thread.

To be continued,
nickW

Post by alto » 27 Oct 2008, 16:10

Hello,

As instructed, I carried out the next part of the cleanup.
Here are the follow-up reports, in two steps.

1st report: OTMoveIt3

Error: Unable to interpret <Reg> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE> in the current context!
Error: Unable to interpret <"AppInit_Dlls"=""> in the current context!
========== FILES ==========
File/Folder C:\WINDOWS\System32\karna.dat not found.
C:\WINDOWS\sodegis.db moved successfully.
C:\WINDOWS\mujuruvap.reg moved successfully.
C:\WINDOWS\ejuhubada.dl moved successfully.
C:\WINDOWS\aqakykyxit.db moved successfully.
C:\WINDOWS\icikygite.inf moved successfully.
C:\WINDOWS\System32\TDSSmtyl.dat moved successfully.
File/Folder C:\WINDOWS\system32\drivers\svchost.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\etilqs_S50JABSBfAkD4ybB0dty scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\~DF4F9A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\~DF8220.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\nvcbin.def.F51A4546.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10272008_153913

Files moved on Reboot...
File C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\etilqs_S50JABSBfAkD4ybB0dty not found!
C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\~DF4F9A.tmp moved successfully.
C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\~DF8220.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\nvcbin.def.F51A4546.TMP scheduled to be moved on reboot.
C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Les parents\Local Settings\Application Data\Mozilla\Firefox\Profiles\5z1ospwc.default\XUL.mfl moved successfully.
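Added example, not part of the original posts and not code from OTMoveIt3 or its author: a Python cross-check of a fix script against the report the tool returns, so a helper can see which requested actions did not take effect (here the log rejects the :Reg section, so the AppInit_Dlls reset was not applied by this run, and two listed files were not found). The line formats are taken from the report above; the function names and the embedded, shortened sample are constructed for illustration.

```python
import re

# Constructed sample input: the fix script and an excerpt of the OTMoveIt3
# report, copied from the posts above (only two of the temp-file lines kept).
SCRIPT = r'''
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=""

:Files
C:\WINDOWS\System32\karna.dat
C:\WINDOWS\sodegis.db
C:\WINDOWS\mujuruvap.reg
C:\WINDOWS\ejuhubada.dl
C:\WINDOWS\aqakykyxit.db
C:\WINDOWS\icikygite.inf
C:\WINDOWS\System32\TDSSmtyl.dat
C:\WINDOWS\system32\drivers\svchost.exe

:Commands
[emptytemp]
'''

LOG = r'''
Error: Unable to interpret <Reg> in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE> in the current context!
Error: Unable to interpret <"AppInit_Dlls"=""> in the current context!
========== FILES ==========
File/Folder C:\WINDOWS\System32\karna.dat not found.
C:\WINDOWS\sodegis.db moved successfully.
C:\WINDOWS\mujuruvap.reg moved successfully.
C:\WINDOWS\ejuhubada.dl moved successfully.
C:\WINDOWS\aqakykyxit.db moved successfully.
C:\WINDOWS\icikygite.inf moved successfully.
C:\WINDOWS\System32\TDSSmtyl.dat moved successfully.
File/Folder C:\WINDOWS\system32\drivers\svchost.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\~DF4F9A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\LESPAR~1\LOCALS~1\Temp\~DF8220.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
'''

RE_UNINTERPRETED = re.compile(r"^Error: Unable to interpret <(.*)> in the current context!$")
RE_NOT_FOUND = re.compile(r"^File/Folder (.+) not found\.$")
RE_MOVED = re.compile(r"^(.+) moved successfully\.$")
RE_PENDING = re.compile(
    r"^File (?:delete|move) failed\. (.+) scheduled to be (?:deleted|moved) on reboot\.$")


def parse_script(text):
    """Split a fix script into {section name: [directive lines]}."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith(":"):          # ":Reg", ":Files", ":Commands"
            current = line[1:]
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_log(text):
    """Collect per-line outcomes from the report; paths are lowercased for matching."""
    out = {"uninterpreted": [], "moved": set(), "not_found": set(), "pending": []}
    for line in text.splitlines():
        line = line.strip()
        if m := RE_UNINTERPRETED.match(line):
            out["uninterpreted"].append(m.group(1))
        elif m := RE_NOT_FOUND.match(line):
            out["not_found"].add(m.group(1).lower())
        elif m := RE_PENDING.match(line):
            out["pending"].append(m.group(1))
        elif m := RE_MOVED.match(line):
            out["moved"].add(m.group(1).lower())
    return out


def audit(script_text, log_text):
    """Report sections the tool rejected and the outcome for each listed file."""
    script, log = parse_script(script_text), parse_log(log_text)
    rejected_tokens = {t.lower() for t in log["uninterpreted"]}
    # A section whose header shows up in an "Unable to interpret" error was
    # not executed, so none of its directives can be assumed applied.
    rejected = {name: lines for name, lines in script.items()
                if name.lower() in rejected_tokens}
    files = {}
    for path in script.get("Files", []):
        key = path.lower()                # Windows paths are case-insensitive
        if key in log["moved"]:
            files[path] = "moved"
        elif key in log["not_found"]:
            files[path] = "not found"
        else:
            files[path] = "no result in log"
    return {"rejected_sections": rejected, "files": files,
            "pending_on_reboot": log["pending"]}


if __name__ == "__main__":
    result = audit(SCRIPT, LOG)
    for name, lines in result["rejected_sections"].items():
        print(f"section :{name} NOT applied -> {lines}")
    for path, status in result["files"].items():
        print(f"{status:>16}  {path}")
    print(f"{len(result['pending_on_reboot'])} item(s) deferred to reboot")
```
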

Post by alto » 27 Oct 2008, 16:13

Hello again,

Below is the 2nd report:

OTListIt logfile created on: 27/10/2008 15:51:55 - Run 4
OTListIt by OldTimer - Version 1.0.10.0 Folder = C:\Documents and Settings\Les parents\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,25 Gb Total Physical Memory | 0,75 Gb Available Physical Memory | 59,91% Memory free
2,98 Gb Paging File | 2,55 Gb Available in Paging File | 85,49% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 20,74 Gb Free Space | 27,83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PLESSIX-1
Current User Name: Les parents
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2004/09/07 16:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
[2008/05/12 11:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2002/04/12 00:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe
[2001/12/13 00:01:00 | 00,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe
[2007/09/10 23:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
[2008/09/10 15:50:26 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2002/11/27 13:38:32 | 00,061,440 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe
[2007/09/27 12:37:12 | 00,499,200 | ---- | M] (Luis Cobian) -- C:\Program Files\Cobian Backup 8\cbService.exe
[2007/08/27 14:17:26 | 00,047,816 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
[2007/08/27 14:21:40 | 00,113,320 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMA32.EXE
[2007/08/27 14:17:26 | 00,366,704 | ---- | M] (F-Secure Corp.) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe
[2007/12/17 11:13:18 | 00,523,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
[2007/08/27 14:21:46 | 00,232,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMB32.EXE
[2005/04/22 03:54:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
[2004/08/04 01:55:02 | 00,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe
[2008/02/08 15:11:24 | 00,646,144 | ---- | M] (Astase) -- C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe
[2007/08/27 14:21:26 | 00,125,608 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FCH32.EXE
[2001/08/23 17:47:30 | 00,032,256 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\BrmfRsmg.exe
[2007/08/27 14:21:26 | 00,391,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FAMEH32.EXE
[2007/08/27 14:17:34 | 00,043,696 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
[2007/08/27 14:22:18 | 00,162,472 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FNRB32.exe
[2007/08/27 14:17:36 | 00,425,584 | ---- | M] (F-Secure Corp.) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
[2007/08/27 14:15:46 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
[2007/08/27 14:22:16 | 00,101,032 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FIH32.exe
[2007/08/27 14:19:10 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe
[2007/08/27 14:17:10 | 00,324,208 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
[2007/08/27 14:21:38 | 00,182,952 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSM32.EXE
[2007/08/27 14:20:12 | 00,473,712 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe
[2005/07/22 10:42:46 | 01,519,616 | ---- | M] (D-Link) -- C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
[2004/12/16 17:49:14 | 00,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2008/10/10 18:36:32 | 00,067,128 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[2007/04/23 03:00:00 | 00,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
[2003/08/29 18:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
[2003/08/29 10:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
[2007/04/11 14:32:22 | 00,056,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
[2008/10/22 19:48:44 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTListIt.exe

========== (O23) Win32 Services ==========

[2008/05/12 11:38:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2007/09/10 23:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0 [Auto | Running])
[2004/10/22 13:42:44 | 00,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService [Auto | Stopped])
[2008/09/10 15:50:26 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
[2002/11/27 13:38:32 | 00,061,440 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe -- (brmfrmps [Auto | Running])
[2002/04/12 00:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service [Auto | Running])
[2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/09/27 12:37:12 | 00,499,200 | ---- | M] (Luis Cobian) -- C:\Program Files\Cobian Backup 8\cbService.exe -- (CobBMService [Auto | Running])
[2007/08/27 14:17:26 | 00,047,816 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter [Auto | Running])
[2007/08/27 14:22:18 | 00,162,472 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FNRB32.exe -- (F-Secure Network Request Broker [On_Demand | Running])
[2008/10/18 18:13:36 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
[2007/08/27 14:15:46 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe -- (FSAUA [On_Demand | Running])
[2007/08/27 14:19:10 | 00,461,424 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe -- (FSDFWD [On_Demand | Running])
[2007/08/27 14:21:40 | 00,113,320 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\common\FSMA32.EXE -- (FSMA [Auto | Running])
[2007/12/17 11:13:18 | 00,523,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe -- (fsssvc [Auto | Running])
[2004/09/07 16:25:12 | 01,151,090 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
[2008/09/10 16:39:48 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
[2005/04/22 03:54:00 | 00,127,043 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
[2004/08/04 01:55:02 | 00,073,796 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\slserv.exe -- (SLService [Auto | Running])
[2008/02/08 14:44:14 | 01,952,256 | ---- | M] (Astase) -- C:\Program Files\Astase\UltraBackup\4.9\bin\tbsd.exe -- (ThalliumServer [Disabled | Stopped])
[2008/02/08 15:11:24 | 00,646,144 | ---- | M] (Astase) -- C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe -- (thpassivesvc [Auto | Running])
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
[2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

========== Driver Services ==========

[2002/09/05 21:41:20 | 00,667,543 | R--- | M] (Avance Logic, Inc.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2004/08/19 21:07:10 | 00,041,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2004/07/27 11:20:46 | 00,028,205 | ---- | M] (Alpha Networks Inc.) -- C:\WINDOWS\system32\ANIO.sys -- (ANIO [Auto | Running])
[2006/09/27 17:31:44 | 00,274,816 | ---- | M] (Guillemont Corporation) -- C:\WINDOWS\system32\drivers\HDvid.sys -- (APL531 [On_Demand | Running])
[2001/08/17 21:12:12 | 00,002,944 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt [On_Demand | Running])
[2001/08/17 21:12:20 | 00,060,416 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrSerWdm.sys -- (BrSerWDM [On_Demand | Running])
[2001/08/17 21:12:20 | 00,011,008 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrUsbMdm.sys -- (BrUsbMdm [On_Demand | Running])
[2001/08/17 21:12:22 | 00,010,368 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn [On_Demand | Running])
[2006/09/28 16:05:54 | 00,022,656 | ---- | M] (Guillemot Corporation) -- C:\WINDOWS\system32\drivers\camfilt.sys -- (camfilt [On_Demand | Running])
[2007/08/27 14:18:04 | 00,039,792 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter [Disabled | Stopped])
[2007/08/27 14:17:44 | 00,062,064 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper [On_Demand | Running])
[2007/08/27 14:20:46 | 00,070,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\HIPS\fshs.sys -- (F-Secure HIPS [System | Running])
[2007/08/27 14:18:08 | 00,025,200 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer [Disabled | Stopped])
[2007/08/27 14:19:00 | 00,060,272 | ---- | M] (F-Secure Corporation) -- C:\WINDOWS\system32\drivers\fsdfw.sys -- (FSFW [Boot | Running])
[2007/10/17 13:53:16 | 00,043,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\fssfltr.sys -- (fssfltr [Auto | Running])
[2004/08/04 00:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2004/09/07 16:27:22 | 00,091,136 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs [Disabled | Running])
[2004/09/07 16:27:38 | 00,028,544 | ---- | M] (Ahead Software AG) -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass [System | Running])
[2004/08/03 23:45:14 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Running])
[2007/04/11 14:32:30 | 00,020,496 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running])
[2007/04/11 14:32:38 | 00,063,248 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou [On_Demand | Stopped])
[2007/04/11 14:32:52 | 00,034,832 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt [On_Demand | Running])
[2007/04/11 14:32:58 | 00,036,112 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt [On_Demand | Running])
[2007/04/11 14:33:06 | 00,079,376 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE [On_Demand | Stopped])
[2004/08/19 21:07:10 | 00,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mf.sys -- (mf [On_Demand | Running])
[2001/08/17 22:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA [On_Demand | Running])
[2005/07/04 08:32:58 | 00,364,544 | R--- | M] (MSI) -- C:\WINDOWS\System32\msicpl.dll -- (MSICPL [On_Demand | Stopped])
[2001/08/17 23:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2004/08/03 23:41:40 | 00,126,686 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5 [On_Demand | Running])
[2004/08/03 23:41:38 | 01,309,184 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm [On_Demand | Stopped])
[2004/08/03 23:41:40 | 00,180,360 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax [On_Demand | Stopped])
[2005/04/22 03:54:00 | 03,095,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])
[2003/12/05 10:46:36 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2004/08/19 21:04:26 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/03/29 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2004/08/03 23:41:40 | 00,013,776 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\RecAgent.sys -- (RecAgent [Boot | Running])
[2005/06/04 20:07:56 | 00,319,104 | ---- | M] (Ralink Technology Inc.) -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61 [On_Demand | Running])
[2007/11/13 11:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2004/08/04 00:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\drivers\SISAGP.SYS -- (sisagp [Boot | Running])
[2004/08/03 23:41:44 | 00,404,990 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr [On_Demand | Running])
[2004/08/03 23:41:46 | 00,095,424 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal [On_Demand | Stopped])
[2004/08/03 23:41:46 | 00,013,240 | ---- | M] (Smart Link) -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup [On_Demand | Running])
[2004/08/04 00:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio [On_Demand | Running])
[2006/11/02 06:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000 [On_Demand | Running])
[2004/08/19 21:12:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])

========== Internet Explorer ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\S-1-5-21-1454471165-484763869-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
HKU\S-1-5-21-1454471165-484763869-1957994488-1004\S-1-5-21-1454471165-484763869-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: (784 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\..\Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW (F-Secure Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install (NVIDIA Corporation)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\BRMFLPRO\BrDefPrt.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SW20] C:\WINDOWS\system32\sw20.exe ()
O4 - HKLM..\Run: [SW24] C:\WINDOWS\system32\sw24.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004..\Run: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Les parents\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 0

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll (SmartShopper Networks)
O9 - Extra Button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\SmartShopper\Bin\2.5.0\SmrtShpr.dll (SmartShopper Networks)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Sites: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Sites: www.rendezvousfacile.com (https in Sites de confiance)
O15 - HKCU\..Trusted Sites: 27 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\..Trusted Sites: www.rendezvousfacile.com (https in Sites de confiance)
O15 - HKU\S-1-5-21-1454471165-484763869-1957994488-1004\..Trusted Sites: 27 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://webscanner.kaspersky.fr/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6531D99C-0D0E-4293-B3CB-A3E1D0D41847} http://aspglobal.ahnlab.com/asp/cab/AhnASP.cab (AhnASP Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler: - bwfile-8876480 - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler: - ipp - No CLSID value found
O18 - Protocol\Handler: - ipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - livecall - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp - No CLSID value found
O18 - Protocol\Handler: - msdaipp\0x00000001 - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msdaipp\oledb - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler: - msnim - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler: - wlmailhtml - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - See sections below for AppInitDlls and Winlogon settings

========== AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls" = karna.dat-20 WinNT
>File not found --
>File not found --

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}" (HKLM) -- C:\Program Files\SpywareGuard\spywareguard.dll ()

========== Safeboot Options ==========

"AlternateShell" = cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2008/02/08 19:56:36 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]
[2165/10/22 20:02:48 | 00,000,000 | ---D | C] -- C:\SDFix
[2165/10/22 20:00:17 | 01,554,567 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SDFix.exe
[2165/10/22 20:00:05 | 00,418,816 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTListIt.exe
[2165/10/22 19:57:56 | 00,418,816 | ---- | C] (OldTimer Tools) -- C:\OTListIt.exe
[2165/10/22 19:57:55 | 01,554,567 | ---- | C] () -- C:\SDFix.exe
[2165/10/21 22:42:45 | 00,000,128 | ---- | C] () -- C:\WINDOWS\System32\perf.dat
[2165/10/21 22:20:21 | 04,758,201 | ---- | C] () -- C:\WINDOWS\System32\ahnszhs.szd
[2165/10/21 22:20:21 | 02,908,259 | ---- | C] () -- C:\WINDOWS\System32\ahnszns.szd
[2165/10/21 22:20:21 | 00,070,528 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\ahnsze.sys
[2165/10/21 22:20:20 | 05,590,351 | ---- | C] () -- C:\WINDOWS\System32\ahnszds.szd
[2165/10/21 21:57:44 | 00,001,580 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\xp-AntiSpy.lnk
[2165/10/21 21:57:43 | 00,000,000 | ---D | C] -- C:\Program Files\xp-AntiSpy
[2165/10/21 21:21:54 | 01,525,632 | ---- | C] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\v3engine.sys
[2165/10/21 21:21:54 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\AhnLab
[2165/10/21 21:14:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\Malwarebytes
[2165/10/21 21:14:41 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2165/10/21 21:14:41 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2165/10/21 21:14:38 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2165/10/21 21:14:37 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2165/10/21 21:14:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2165/10/21 20:29:52 | 00,077,921 | ---- | C] (Ahnlab, Inc.) -- C:\WINDOWS\System32\v3w32se2.dll
[2165/10/21 20:27:48 | 00,000,000 | ---D | C] -- C:\Program Files\AhnLab
[2165/10/21 20:03:51 | 00,003,284 | ---- | C] () -- C:\WINDOWS\System32\ANIWZCS{D5D1A8DA-1241-4F48-A176-10938E85BD9B}
[2165/10/21 18:44:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
[2165/10/21 18:00:46 | 00,000,690 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SpywareBlaster.lnk
[2165/10/21 18:00:45 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2165/10/21 17:59:12 | 00,000,670 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard LiveUpdate.lnk
[2165/10/21 17:59:12 | 00,000,650 | ---- | C] () -- C:\Documents and Settings\Les parents\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk
[2165/10/21 17:59:12 | 00,000,638 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard.lnk
[2165/10/21 17:59:10 | 00,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2165/10/21 17:47:13 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Watch.lnk
[2165/10/21 17:47:13 | 00,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2165/10/21 17:46:34 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2165/10/21 17:46:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2165/10/21 17:44:10 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Wise Installation Wizard
[2165/10/20 22:08:40 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2165/10/20 22:08:40 | 00,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2165/10/20 21:45:55 | 00,002,832 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2165/10/20 21:45:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Bureau\SmitfraudFix
[2008/10/27 15:39:13 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/10/27 15:33:26 | 00,334,848 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTMoveIt3.exe
[2008/10/26 16:39:09 | 00,000,268 | -H-- | C] () -- C:\sqmdata08.sqm
[2008/10/26 16:39:09 | 00,000,268 | -H-- | C] () -- C:\sqmdata07.sqm
[2008/10/26 16:39:08 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2008/10/26 16:39:08 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2008/10/25 21:39:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Kaspersky Lab
[2008/10/25 15:38:48 | 00,006,656 | ---- | C] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/20 18:02:36 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\CCleaner.lnk
[2008/10/20 18:02:36 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2008/10/20 16:49:17 | 00,020,840 | ---- | C] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/10/19 16:15:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2008/10/19 16:14:40 | 00,130,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/18 18:14:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2008/10/18 18:13:36 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Macrovision Shared
[2008/10/18 18:12:50 | 00,000,844 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Photoshop Elements 6.0.lnk
[2008/10/18 11:04:00 | 00,000,000 | ---D | C] -- C:\Nathan Vacances CP
[2008/10/17 19:47:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\OpenOffice.org
[2008/10/17 19:33:13 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.0.lnk
[2008/10/17 19:28:44 | 00,000,000 | ---D | C] -- C:\Program Files\JRE
[2008/10/17 19:28:07 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2008/10/17 19:17:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Bureau\OpenOffice.org 3.0 (fr) Installation Files
[2008/10/13 16:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\Yahoo!
[2008/10/13 16:00:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2008/10/11 19:48:09 | 00,000,886 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\EMPLOI DU TEMPS CAMILLE.ods.lnk
[2008/10/10 18:37:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Les parents\Application Data\Logitech
[2008/10/10 18:37:06 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\LogiShared
[2008/10/10 18:36:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files
[2008/10/10 18:36:51 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2008/10/10 18:36:40 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2008/10/10 18:36:35 | 00,002,074 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
[2008/10/10 18:36:30 | 00,127,034 | R--- | C] (BackWeb Technologies Inc. ) -- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
[2008/10/10 18:35:07 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2008/10/10 18:34:55 | 00,001,681 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Paramètres de la souris et du clavier Logitech.lnk
[2008/10/10 18:34:30 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2008/10/10 18:34:29 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2008/10/10 18:33:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2008/10/10 18:33:36 | 00,036,112 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LMouFilt.Sys
[2008/10/10 18:33:35 | 01,419,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01005.dll
[2008/10/10 18:33:35 | 00,034,832 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LHidFilt.Sys
[2008/10/10 18:33:12 | 00,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk
[2008/10/10 18:32:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2008/10/10 18:32:46 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2008/10/10 18:32:41 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Logitech
[2008/10/10 18:31:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2008/10/10 18:29:46 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidserv.dll
[2008/10/10 18:29:46 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2008/10/10 18:29:41 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2008/10/10 18:29:41 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2008/10/01 11:47:49 | 00,000,667 | ---- | C] () -- C:\Documents and Settings\Les parents\Bureau\Dofus.lnk
[2008/10/01 11:47:49 | 00,000,000 | ---D | C] -- C:\Program Files\Dofus
[2008/09/30 06:54:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak


========== Files - Modified Within 30 Days ==========

[8 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2165/10/21 22:42:45 | 00,000,128 | ---- | M] () -- C:\WINDOWS\System32\perf.dat
[2165/10/21 21:57:44 | 00,001,580 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\xp-AntiSpy.lnk
[2165/10/21 21:14:41 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2165/10/21 20:29:52 | 00,077,921 | ---- | M] (Ahnlab, Inc.) -- C:\WINDOWS\System32\v3w32se2.dll
[2165/10/21 20:04:30 | 00,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{D5D1A8DA-1241-4F48-A176-10938E85BD9B}
[2165/10/21 19:27:53 | 00,000,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2165/10/21 18:00:46 | 00,000,690 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SpywareBlaster.lnk
[2165/10/21 17:59:12 | 00,000,670 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard LiveUpdate.lnk
[2165/10/21 17:59:12 | 00,000,650 | ---- | M] () -- C:\Documents and Settings\Les parents\Menu Démarrer\Programmes\Démarrage\SpywareGuard.lnk
[2165/10/21 17:59:12 | 00,000,638 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SpywareGuard.lnk
[2165/10/21 17:47:13 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Watch.lnk
[2165/10/21 17:47:13 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2165/10/20 22:08:40 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
[2165/10/20 21:45:56 | 00,002,832 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2165/10/20 20:45:13 | 00,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Safari.lnk
[2165/10/20 19:46:42 | 00,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2165/10/20 19:46:42 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2165/10/20 19:46:42 | 00,000,216 | -HS- | M] () -- C:\boot.ini
[2008/10/27 15:43:59 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2008/10/27 15:43:18 | 00,000,053 | ---- | M] () -- C:\biosinfo
[2008/10/27 15:40:38 | 00,002,651 | ---- | M] () -- C:\WINDOWS\BRMFBIDI.INI
[2008/10/27 15:40:34 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/10/27 15:40:25 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/10/27 15:33:31 | 00,334,848 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTMoveIt3.exe
[2008/10/27 14:03:00 | 00,000,266 | ---- | M] () -- C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2008/10/26 16:39:50 | 00,000,577 | ---- | M] () -- C:\Documents and Settings\Les parents\Mes documents\Mes dossiers de partage.lnk
[2008/10/26 16:39:09 | 00,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2008/10/26 16:39:09 | 00,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2008/10/26 16:39:09 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2008/10/26 16:39:08 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2008/10/26 09:12:17 | 00,480,848 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2008/10/26 09:12:17 | 00,412,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/10/26 09:12:17 | 00,080,762 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2008/10/26 09:12:16 | 00,066,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/10/26 09:12:13 | 01,053,480 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/10/25 21:37:58 | 00,000,784 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2008/10/25 15:39:20 | 00,006,656 | ---- | M] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/24 23:38:09 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/10/22 19:49:28 | 01,554,567 | ---- | M] () -- C:\SDFix.exe
[2008/10/22 19:49:28 | 01,554,567 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\SDFix.exe
[2008/10/22 19:48:44 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\OTListIt.exe
[2008/10/22 19:48:44 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Les parents\Bureau\OTListIt.exe
[2008/10/22 00:14:00 | 01,525,632 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\v3engine.sys
[2008/10/21 18:20:00 | 04,758,201 | ---- | M] () -- C:\WINDOWS\System32\ahnszhs.szd
[2008/10/21 18:16:00 | 05,590,351 | ---- | M] () -- C:\WINDOWS\System32\ahnszds.szd
[2008/10/21 18:15:00 | 02,908,259 | ---- | M] () -- C:\WINDOWS\System32\ahnszns.szd
[2008/10/20 22:11:00 | 00,070,528 | ---- | M] (AhnLab, Inc.) -- C:\WINDOWS\System32\drivers\ahnsze.sys
[2008/10/20 18:02:36 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\CCleaner.lnk
[2008/10/20 16:49:17 | 00,020,840 | ---- | M] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/10/19 16:14:40 | 00,130,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/10/19 13:27:17 | 00,002,405 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Pando.lnk
[2008/10/18 18:12:51 | 00,000,844 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Photoshop Elements 6.0.lnk
[2008/10/18 18:02:44 | 00,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2008/10/17 19:33:13 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.0.lnk
[2008/10/16 19:25:46 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/10/16 19:25:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/10/15 17:59:28 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi32.dll
[2008/10/15 17:59:28 | 00,332,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2008/10/14 18:01:14 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/10/11 19:47:38 | 00,000,886 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\EMPLOI DU TEMPS CAMILLE.ods.lnk
[2008/10/10 18:36:36 | 00,002,074 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
[2008/10/10 18:36:28 | 00,127,034 | R--- | M] (BackWeb Technologies Inc. ) -- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
[2008/10/10 18:35:07 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2008/10/10 18:34:55 | 00,001,681 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Paramètres de la souris et du clavier Logitech.lnk
[2008/10/10 18:34:30 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[2008/10/10 18:34:29 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2008/10/10 18:33:12 | 00,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk
[2008/10/07 20:19:40 | 16,721,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/10/04 11:31:49 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/10/03 18:12:27 | 06,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieframe.dll
[2008/10/03 18:12:27 | 06,066,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2008/10/02 19:56:33 | 02,107,620 | -H-- | M] () -- C:\Documents and Settings\Les parents\Local Settings\Application Data\IconCache.db
[2008/10/01 11:47:49 | 00,000,667 | ---- | M] () -- C:\Documents and Settings\Les parents\Bureau\Dofus.lnk

<End>

Thanks again for everything...
alto
 