[OK] Analysis with OTL and malware

Forum rules
Assiste.com has suspended decontamination assistance after nearly 15 years on the old forum and then on this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Protection of browsers, browsing and privacy
Protecting the browser, browsing and privacy

Post by nickW » 02 May 2010, 15:06

Hello,

This is missing:

Then send, as a reply in a separate message (because of the length of the file):
- the main OTL report (contents of the OTL.txt file located on the Desktop).
The report sent to the forum must end with a line containing <End>. If it does not, it is incomplete and must then be split across several messages.


Important note: To send your reply (or replies), do not create a new topic; click the "Reply" button to continue in this thread.


To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)

Post by 0smoz » 02 May 2010, 17:51

Oops, I went too fast.

Please accept my humblest apologies.

OTL log

OTL logfile created on: 02/05/2010 11:44:17 - Run 2
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Documents and Settings\Sebastien\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93,16 Gb Total Space | 42,35 Gb Free Space | 45,46% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
Drive F: | 298,09 Gb Total Space | 0,93 Gb Free Space | 0,31% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FAVIER
Current User Name: Sebastien
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/01 17:43:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sebastien\Bureau\OTL.exe
PRC - [2010/04/27 10:17:34 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam2\steam.exe
PRC - [2010/04/13 00:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/04/01 20:01:50 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/02/18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009/11/06 16:58:02 | 000,058,112 | ---- | M] (Space Sciences Laboratory) -- C:\Program Files\BOINC\boinctray.exe
PRC - [2009/11/04 21:36:05 | 002,923,192 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/10/06 21:19:36 | 000,071,168 | ---- | M] () -- C:\WINDOWS\system32\LxrJD31s.exe
PRC - [2009/04/10 19:29:08 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009/02/27 07:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009/02/27 07:22:10 | 001,368,064 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2009/02/27 06:55:20 | 000,909,312 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009/02/27 06:40:52 | 001,202,448 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2009/02/27 06:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009/02/19 00:33:08 | 000,809,488 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/02/19 00:28:52 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\KHAL2\KHALMNPR.exe
PRC - [2008/11/18 15:37:52 | 001,179,648 | ---- | M] (BitDefender SRL) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2008/09/04 19:11:34 | 000,368,640 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
PRC - [2008/08/29 15:46:10 | 001,261,568 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/27 16:46:32 | 000,086,016 | ---- | M] (BitDefender) -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
PRC - [2007/10/25 16:37:32 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007/10/25 16:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/10/25 16:32:58 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/03/28 01:07:42 | 000,593,920 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007/02/28 10:55:18 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007/02/09 17:03:38 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
PRC - [2005/06/23 20:33:00 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
PRC - [2005/01/25 06:00:00 | 000,098,304 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAAE.EXE
PRC - [2004/08/28 10:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004/08/28 10:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2004/08/16 16:08:56 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe
PRC - [2004/07/13 21:51:04 | 000,892,928 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2004/07/01 21:00:54 | 000,794,624 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
PRC - [2004/06/16 16:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/04/30 11:14:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2004/04/27 14:50:38 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe
PRC - [2004/04/22 16:23:44 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/02/12 11:43:56 | 001,019,904 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\PadTouch\PadExe.exe
PRC - [2003/09/15 17:19:16 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE


========== Modules (SafeList) ==========

MOD - [2010/05/01 17:43:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sebastien\Bureau\OTL.exe
MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/02/19 00:31:16 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2009/02/19 00:26:28 | 000,064,016 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll
MOD - [2008/04/14 04:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/10/19 13:19:10 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcInj.dll
MOD - [2004/04/22 16:23:36 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (winvnc)
SRV - File not found [On_Demand | Stopped] -- -- (wampmysqld)
SRV - File not found [On_Demand | Stopped] -- -- (wampapache)
SRV - File not found [On_Demand | Stopped] -- -- (usnjsvc)
SRV - File not found [Auto | Stopped] -- -- (repeater_service)
SRV - [2010/03/16 23:48:09 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/19 20:31:44 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009/10/06 21:19:36 | 000,071,168 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s)
SRV - [2009/04/21 15:36:50 | 000,216,232 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/02/27 07:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009/02/27 06:55:20 | 000,909,312 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2009/02/27 06:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2009/02/19 00:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/11/18 15:37:52 | 001,179,648 | ---- | M] (BitDefender SRL) [Auto | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/08/29 15:46:10 | 001,261,568 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe -- (VSSERV)
SRV - [2008/08/29 15:01:16 | 000,151,552 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2008/08/15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2007/11/27 16:46:32 | 000,086,016 | ---- | M] (BitDefender) [Auto | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe -- (XCOMM)
SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2006/10/26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/28 10:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2004/06/16 16:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2002/12/17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
SRV - [2002/07/23 05:45:12 | 000,065,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)


========== Driver Services (SafeList) ==========

DRV - [2009/12/03 12:17:48 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2009/10/06 21:19:36 | 000,069,824 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d)
DRV - [2009/04/21 15:39:26 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/03/04 10:31:32 | 004,202,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/12/18 23:44:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/12/18 23:43:48 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/12/18 23:43:40 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008/08/13 17:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/04/13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008/04/13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/15 14:12:06 | 005,854,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008/01/25 15:40:56 | 000,156,688 | ---- | M] (BitDefender SRL) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2008/01/16 14:12:10 | 000,008,320 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys -- (BDSelfPr)
DRV - [2008/01/07 17:41:34 | 000,196,368 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/09/26 07:01:32 | 002,236,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Pilote de carte Intel(R)
DRV - [2007/08/21 19:17:28 | 004,419,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/07/12 00:32:44 | 000,012,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2007/07/10 07:00:42 | 000,036,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2007/03/06 18:54:40 | 000,041,376 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/03/06 18:49:20 | 000,491,168 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2006/09/05 20:00:54 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58obex.sys -- (se58obex)
DRV - [2006/09/05 20:00:06 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mgmt.sys -- (se58mgmt) Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM)
DRV - [2006/09/05 19:59:18 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mdm.sys -- (se58mdm)
DRV - [2006/09/05 19:59:14 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58mdfl.sys -- (se58mdfl)
DRV - [2006/09/05 19:58:26 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58bus.sys -- (se58bus) Sony Ericsson Device 088 driver (WDM)
DRV - [2006/09/05 19:57:54 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58nd5.sys -- (se58nd5) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS)
DRV - [2006/09/05 19:57:48 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se58unic.sys -- (se58unic) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM)
DRV - [2006/02/17 21:26:42 | 000,083,344 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\z530obex.sys -- (z530obex)
DRV - [2006/02/17 21:26:40 | 000,085,408 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\z530mgmt.sys -- (z530mgmt) Sony Ericsson Z530 USB WMC Device Management Drivers (WDM)
DRV - [2006/02/17 21:26:36 | 000,094,064 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\z530mdm.sys -- (z530mdm)
DRV - [2006/02/17 21:26:34 | 000,008,336 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\z530mdfl.sys -- (z530mdfl)
DRV - [2006/02/17 21:26:30 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\z530bus.sys -- (z530bus) Sony Ericsson Z530 Driver driver (WDM)
DRV - [2005/12/13 19:08:44 | 001,124,097 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/11/30 11:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/06/02 13:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)
DRV - [2004/07/26 14:28:02 | 000,004,352 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2004/06/26 16:22:00 | 000,006,016 | ---- | M] (RDV Soft) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/06/26 16:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2004/05/28 11:45:02 | 000,390,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004/04/22 16:18:48 | 000,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/04/14 14:52:22 | 000,005,632 | R--- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atiide.sys -- (atiide)
DRV - [2004/03/09 20:28:38 | 000,680,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/02/27 00:50:38 | 000,611,820 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/02/24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/05 19:53:00 | 000,068,352 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003/10/27 13:59:00 | 000,013,842 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2003/02/18 19:02:06 | 000,042,092 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2003/01/29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/12/10 16:13:22 | 000,007,552 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tiumflt.sys -- (DevUpper)
DRV - [2002/11/05 16:00:46 | 000,039,424 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2002/08/08 15:51:32 | 000,038,951 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETMDUSB.sys -- (NETMDUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4130127721-353058759-2456171261-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4130127721-353058759-2456171261-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-4130127721-353058759-2456171261-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A 2F 93 C5 E0 DF CA 01 [binary data]
IE - HKU\S-1-5-21-4130127721-353058759-2456171261-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4130127721-353058759-2456171261-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.47.4
FF - prefs.js..extensions.enabledItems: fr-reforme1990@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20


FF - HKLM\software\mozilla\Firefox\extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/06/05 10:11:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/19 18:40:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/27 22:40:51 | 000,000,000 | ---D | M]

[2010/04/19 18:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Extensions
[2009/04/22 11:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/05/02 00:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions
[2010/04/28 08:22:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/28 23:40:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/05/01 11:08:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/19 19:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/04/22 16:08:43 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/04/27 00:04:19 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/04/19 19:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Mozilla\Firefox\Profiles\fth0ooj0.default\extensions\fr-reforme1990@dictionaries.addons.mozilla.org
[2010/05/02 11:24:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/27 22:40:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\components\np32asw.dll
[2004/07/02 14:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32asw.dll
[2008/02/28 13:11:00 | 000,470,016 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npagent.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/04 21:36:05 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/04/25 10:07:00 | 000,392,675 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 13563 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-781CD0E19F00} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe (BitDefender)
O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\PadTouch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006..\Run: [Sonic RecordNow!] File not found
O4 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006..\Run: [Steam] c:\program files\steam2\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Sebastien\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4130127721-353058759-2456171261-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://cid-bdcf6aa14ff82fe1.spaces.live ... nPUpld.cab (Windows Live Photo Upload Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\System32\cryptnet32.dll) - C:\WINDOWS\System32\cryptnet32.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\704fb8b7509: DllName - C:\WINDOWS\System32\cryptnet32.dll - C:\WINDOWS\System32\cryptnet32.dll File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sebastien\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sebastien\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/24 08:23:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/05/02 11:16:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/05/02 10:31:07 | 000,000,000 | ---D | C] -- C:\Navilog1
[2010/05/02 10:31:06 | 000,000,000 | ---D | C] -- C:\Program Files\navilog1
[2010/05/01 17:53:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/01 17:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/01 17:49:40 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Sebastien\Bureau\erunt-setup.exe
[2010/05/01 17:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Application Data\Malwarebytes
[2010/05/01 17:47:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/01 17:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/01 17:47:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/01 17:47:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/01 17:44:14 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sebastien\Bureau\mbam-setup.exe
[2010/05/01 17:43:13 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sebastien\Bureau\OTL.exe
[2010/04/30 12:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\BOINC
[2010/04/30 12:24:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BOINC
[2010/04/25 01:17:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sebastien\Recent
[2010/04/24 00:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Local Settings\Application Data\Temp
[2010/04/24 00:03:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/04/16 18:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\dumps
[2010/04/14 20:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Vuze_Remote
[2010/04/13 12:32:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Bureau\Custodia Anti-Cheat
[2010/04/11 12:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/04/11 12:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/04/11 12:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/04/11 11:34:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Local Settings\Application Data\Conduit
[2010/04/11 11:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/04/09 18:26:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Application Data\vlc
[2010/04/01 19:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/03/31 21:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/03/31 03:58:24 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/03/30 20:18:21 | 000,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2010/03/30 20:17:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/29 22:37:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Application Data\RayV
[2010/03/18 21:28:30 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe AIR
[2010/03/18 21:26:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/03/17 02:12:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Mes documents\Adobe
[2010/03/17 01:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ALM
[2010/03/17 00:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010/03/16 22:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/03/15 20:48:02 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2010/03/15 19:09:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Tracing
[2010/03/15 19:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/03/15 19:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/03/15 19:07:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/03/15 18:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010/03/09 01:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Custom-Strike
[2010/03/08 19:59:18 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010/03/06 16:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\Steam2
[2010/02/26 16:19:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Bureau\archive
[2010/02/20 21:24:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Application Data\pokerth
[2010/02/19 21:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2010/02/19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2010/02/19 21:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2010/02/19 21:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2010/02/19 21:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
[2010/02/19 21:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2010/02/19 12:55:56 | 000,241,664 | ---- | C] (ESL) -- C:\Documents and Settings\Sebastien\Bureau\aequitas.exe
[2010/02/16 13:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sebastien\Local Settings\Application Data\Mumble
0smoz

Posts: 13
Joined: 01 May 2010, 16:59

Post by 0smoz » 02 May 2010, 17:52

========== Files - Modified Within 90 Days ==========

[2010/05/02 18:44:15 | 000,081,984 | ---- | M] () -- C:\WINDOWS\System32\bdod.bin
[2010/05/02 18:14:01 | 000,001,060 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/02 11:19:42 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/02 11:19:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/02 11:19:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/02 11:18:17 | 023,855,104 | -H-- | M] () -- C:\Documents and Settings\Sebastien\NTUSER.DAT
[2010/05/02 11:18:08 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Sebastien\ntuser.ini
[2010/05/02 11:05:38 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI
[2010/05/02 10:24:33 | 000,231,559 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\Navilog1.exe
[2010/05/02 10:23:54 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\rkill.scr
[2010/05/01 17:51:37 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Sebastien\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/05/01 17:50:51 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\NTREGOPT.lnk
[2010/05/01 17:50:51 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\ERUNT.lnk
[2010/05/01 17:49:07 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Sebastien\Bureau\erunt-setup.exe
[2010/05/01 17:47:35 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/05/01 17:44:29 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Sebastien\Bureau\mbam-setup.exe
[2010/05/01 17:43:14 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sebastien\Bureau\OTL.exe
[2010/05/01 17:05:37 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Sebastien\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/28 20:56:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/27 23:15:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2010/04/25 22:51:14 | 005,365,879 | ---- | M] () -- C:\Documents and Settings\Sebastien\Mes documents\record-1004252011-de_nuke.rar
[2010/04/25 22:50:33 | 032,111,425 | ---- | M] () -- C:\Documents and Settings\Sebastien\Mes documents\record-1004252011-de_nuke.dem
[2010/04/25 10:07:00 | 000,392,675 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/04/24 11:15:20 | 000,005,959 | ---- | M] () -- C:\Documents and Settings\Sebastien\Mes documents\server.cfg
[2010/04/24 00:08:57 | 000,001,489 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\DivX Movies.lnk
[2010/04/24 00:08:19 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk
[2010/04/24 00:07:54 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Converter.lnk
[2010/04/22 11:20:41 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Steam.lnk
[2010/04/19 19:33:42 | 000,391,917 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100425-100700.backup
[2010/04/19 19:15:47 | 000,000,707 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100419-193342.backup
[2010/04/19 18:39:11 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/04/19 17:56:49 | 000,111,808 | ---- | M] () -- C:\WINDOWS\System32\J_L-HKMt-H9G6D_.exe
[2010/04/18 20:01:29 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010/04/18 19:51:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/04/14 23:19:46 | 000,006,405 | ---- | M] () -- C:\Documents and Settings\Sebastien\style.php
[2010/04/11 11:35:59 | 000,001,505 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Vuze.lnk
[2010/04/10 21:25:13 | 000,000,288 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\aequitas.ini
[2010/04/09 18:25:37 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/04/05 01:52:08 | 002,108,634 | -H-- | M] () -- C:\Documents and Settings\Sebastien\Local Settings\Application Data\IconCache.db
[2010/04/04 21:14:17 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mumble (Backwards Compatible).lnk
[2010/04/04 21:14:17 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mumble.lnk
[2010/03/31 21:04:13 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2010/03/31 18:13:26 | 002,345,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/31 03:58:24 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/03/30 22:17:30 | 000,056,264 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/03/30 20:36:49 | 000,075,296 | ---- | M] () -- C:\Documents and Settings\Sebastien\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/30 20:15:34 | 000,531,566 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/03/30 20:15:33 | 000,462,192 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/30 20:15:33 | 000,093,526 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/03/30 20:15:33 | 000,079,922 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/30 20:15:28 | 001,181,606 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/30 10:35:00 | 000,380,760 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100415-223430.backup
[2010/03/22 12:18:51 | 000,000,790 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100330-103459.backup
[2010/03/15 19:09:14 | 000,001,753 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\Windows Live Messenger .lnk
[2010/03/08 19:59:18 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010/03/06 16:56:32 | 000,001,625 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\Counter-Strike.lnk
[2010/03/05 00:21:53 | 000,057,857 | ---- | M] () -- C:\Documents and Settings\Sebastien\Mes documents\tn068.jpg
[2010/02/27 17:26:42 | 000,004,467 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\config.cfg
[2010/02/19 21:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2010/02/19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2010/02/19 21:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2010/02/19 21:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2010/02/19 21:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
[2010/02/19 21:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2010/02/19 12:51:55 | 001,520,187 | ---- | M] () -- C:\Documents and Settings\Sebastien\Bureau\aequitas_1_03.zip
[2010/02/15 12:30:57 | 000,002,390 | ---- | M] () -- C:\Documents and Settings\Sebastien\Mes documents\MumbleAutomaticCertificateBackup.p12
[2010/02/11 20:59:30 | 327,481,344 | ---- | M] () -- C:\Documents and Settings\Sebastien\Mes documents\20091224_205654.m2ts
[2010/02/07 10:52:42 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk

========== Files Created - No Company Name ==========

[2010/05/02 10:24:32 | 000,231,559 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\Navilog1.exe
[2010/05/02 10:23:53 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\rkill.scr
[2010/05/01 17:51:37 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Sebastien\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/05/01 17:50:51 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\NTREGOPT.lnk
[2010/05/01 17:50:51 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\ERUNT.lnk
[2010/05/01 17:47:35 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/04/25 22:50:54 | 005,365,879 | ---- | C] () -- C:\Documents and Settings\Sebastien\Mes documents\record-1004252011-de_nuke.rar
[2010/04/25 22:50:22 | 032,111,425 | ---- | C] () -- C:\Documents and Settings\Sebastien\Mes documents\record-1004252011-de_nuke.dem
[2010/04/24 11:13:13 | 000,005,959 | ---- | C] () -- C:\Documents and Settings\Sebastien\Mes documents\server.cfg
[2010/04/24 00:08:57 | 000,001,489 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\DivX Movies.lnk
[2010/04/24 00:08:19 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Player.lnk
[2010/04/24 00:07:54 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\DivX Plus Converter.lnk
[2010/04/24 00:05:22 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2010/04/24 00:04:17 | 000,001,060 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/24 00:04:16 | 000,001,056 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/20 00:13:57 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\Internet Explorer.lnk
[2010/04/19 18:39:11 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/04/19 18:13:36 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Sebastien\site.txt
[2010/04/19 14:19:33 | 000,111,808 | ---- | C] () -- C:\WINDOWS\System32\J_L-HKMt-H9G6D_.exe
[2010/04/16 11:44:51 | 000,000,264 | ---- | C] () -- C:\Documents and Settings\Sebastien\secou msn.txt
[2010/04/14 23:19:46 | 000,006,405 | ---- | C] () -- C:\Documents and Settings\Sebastien\style.php
[2010/04/09 18:25:37 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010/04/04 21:14:17 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mumble (Backwards Compatible).lnk
[2010/04/04 21:14:17 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mumble.lnk
[2010/03/31 21:04:13 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2010/03/06 16:56:30 | 000,001,625 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\Counter-Strike.lnk
[2010/03/06 16:36:10 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Steam.lnk
[2010/03/05 00:21:42 | 000,057,857 | ---- | C] () -- C:\Documents and Settings\Sebastien\Mes documents\tn068.jpg
[2010/02/19 12:56:26 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\aequitas.ini
[2010/02/19 12:55:57 | 001,211,904 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\AequiAPI.dll
[2010/02/19 12:55:57 | 000,355,840 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\capture32.dll
[2010/02/19 12:51:47 | 001,520,187 | ---- | C] () -- C:\Documents and Settings\Sebastien\Bureau\aequitas_1_03.zip
[2010/02/15 12:30:57 | 000,002,390 | ---- | C] () -- C:\Documents and Settings\Sebastien\Mes documents\MumbleAutomaticCertificateBackup.p12
[2010/02/11 20:12:23 | 327,481,344 | ---- | C] () -- C:\Documents and Settings\Sebastien\Mes documents\20091224_205654.m2ts
[2009/10/06 21:19:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2009/10/06 21:19:37 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll
[2009/10/06 21:19:36 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll
[2009/10/06 21:19:36 | 000,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys
[2009/10/04 23:45:22 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/05/06 16:36:14 | 000,000,789 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/04/28 14:56:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SetPointInstall.ini
[2009/04/15 00:19:21 | 000,000,237 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009/04/15 00:18:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2009/04/15 00:18:25 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2009/04/15 00:16:43 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2009/03/07 17:26:42 | 000,015,581 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/03/07 17:24:46 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/03/02 12:50:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2009/01/14 15:30:07 | 000,995,328 | ---- | C] () -- C:\WINDOWS\System32\ChartSuite.dll
[2009/01/14 14:58:56 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\RegisterDialog.dll
[2008/07/04 11:44:55 | 000,262,416 | ---- | C] () -- C:\WINDOWS\System32\ASFV2.DLL
[2008/07/04 11:41:11 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[2008/06/01 14:17:52 | 000,000,063 | ---- | C] () -- C:\WINDOWS\yesmessenger.ini
[2008/03/24 19:53:16 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2008/03/24 19:07:14 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2008/03/21 09:52:38 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI
[2008/03/20 11:22:34 | 000,051,370 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/03/19 23:01:28 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED68PE.ini
[2008/03/19 20:09:13 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2008/03/06 16:49:08 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll
[2004/08/24 10:24:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/24 10:16:57 | 000,006,757 | ---- | C] () -- C:\WINDOWS\TcdsASC2.ini
[2004/08/24 10:01:31 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/24 09:50:59 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/08/24 09:50:59 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/08/24 09:50:59 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/08/24 09:50:59 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/08/24 09:50:59 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/08/24 09:50:58 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/08/24 09:39:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2004/08/24 09:38:55 | 000,019,607 | ---- | C] () -- C:\WINDOWS\System32\drivers\TOSSMBNT.sys
[2004/08/24 09:29:15 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2004/08/24 09:29:15 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2004/08/24 09:25:56 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2004/08/24 09:25:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2004/08/24 09:25:56 | 000,010,177 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2004/08/24 09:25:56 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2004/08/24 09:19:22 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/08/24 09:13:58 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2004/08/24 08:28:45 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/24 08:05:29 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2004/08/24 08:05:29 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/20 10:50:41 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/07/12 23:18:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

========== LOP Check ==========

[2008/03/20 20:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2006/09/26 01:07:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/05/02 11:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOINC
[2009/06/01 18:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/01/31 17:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConeXware
[2008/03/20 20:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2008/11/02 18:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FlashFXP
[2008/12/26 13:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2009/04/28 14:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/03/15 21:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/11/04 21:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2009/11/04 21:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2008/11/28 21:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2008/09/03 20:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2009/10/26 19:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/03/24 19:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2009/01/03 12:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
[2009/10/26 19:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2004/08/24 09:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
[2009/11/13 00:05:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Sebastien\Application Data\.#
[2010/05/01 12:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Azureus
[2006/09/26 01:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Bitdefender
[2008/05/01 00:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Camfrog
[2010/03/18 21:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/01 22:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\FileZilla
[2008/12/18 02:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\FireShot
[2008/12/06 01:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\gtk-2.0
[2010/05/01 21:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\HLSW
[2010/01/25 18:47:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\HTML Executable
[2008/12/26 00:55:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\ICQLite
[2008/10/29 11:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\InterVideo
[2008/09/04 10:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Leadertech
[2009/04/22 11:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\LimeWire
[2008/03/20 10:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\ma-config.com
[2010/04/04 21:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Mumble
[2009/03/08 12:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\NetMedia Providers
[2010/03/02 17:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Octoshape
[2010/02/20 21:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\pokerth
[2008/11/28 21:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Publish Providers
[2009/12/07 19:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\QuickScan
[2010/04/19 18:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\RayV
[2010/03/06 11:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\shockvoice
[2008/11/28 21:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Sony
[2008/10/22 17:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Sony Setup
[2009/11/13 00:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Tactical Coders
[2008/11/21 00:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\TeamViewer
[2009/03/02 11:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Teleca
[2004/08/24 09:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\toshiba
[2009/04/24 03:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sebastien\Application Data\Uniblue
[2008/03/06 12:12:40 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 512 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA
<End>


There you go, and sorry again
0smoz

Posts: 13
Joined: 01 May 2010, 16:59
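The report format posted above can be checked mechanically. The following is an added example, not part of the original thread and not OldTimer's code: it parses the file-listing and Alternate Data Stream lines of an OTL report and applies the rule given earlier in the thread that a complete report ends with a line containing `<End>`. The sample is constructed from a few lines of the report above, and the function names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: a handful of lines taken from the report above.
SAMPLE = r"""========== LOP Check ==========

[2009/10/26 19:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/11/13 00:05:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Sebastien\Application Data\.#
[2008/03/06 12:12:40 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job

========== Alternate Data Streams ==========

@Alternate Data Stream - 512 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
<End>
"""

SECTION = re.compile(r"^=+ (.+?) =+$")
# [timestamp | size | attributes | C(reated)/M(odified)] (company) -- path
ENTRY = re.compile(
    r"^\[(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| ([\d,]+) \| ([-A-Z]{4}) \| ([CM])\]"
    r"(?: \((.*?)\))? -- (.+)$")
# The stream name follows the last colon; the drive colon is followed by "\".
ADS = re.compile(r"^@Alternate Data Stream - (\d+) bytes -> (.+):([^:\\]+)$")

def parse_otl(text):
    """Return completeness flag, file entries and alternate data streams."""
    lines = [l.rstrip() for l in text.splitlines() if l.strip()]
    report = {"complete": bool(lines) and "<End>" in lines[-1],
              "entries": [], "streams": []}
    section = None
    for line in lines:
        if m := SECTION.match(line):
            section = m.group(1)
        elif m := ENTRY.match(line):
            stamp, size, attrs, kind, company, path = m.groups()
            report["entries"].append({
                "section": section,
                "time": datetime.strptime(stamp, "%Y/%m/%d %H:%M:%S"),
                "size": int(size.replace(",", "")),
                "attrs": attrs, "kind": kind, "company": company, "path": path})
        elif m := ADS.match(line):
            report["streams"].append(
                {"size": int(m.group(1)), "host": m.group(2), "stream": m.group(3)})
    return report

def streams_by_host(report):
    """Group stream names and sizes under the file or folder that carries them."""
    grouped = defaultdict(list)
    for s in report["streams"]:
        grouped[s["host"]].append((s["stream"], s["size"]))
    return dict(grouped)
```

A report pasted in several messages should be joined before parsing; `complete` is false for any fragment that does not carry the final `<End>` line.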

Message by nickW » 04 May 2010, 00:34

Good evening,

0smoz, on 02/05/2010, wrote: I will keep you posted on developments

Does your PC still show symptoms of infection?


To be continued (because there is still security advice to apply),

Message by 0smoz » 04 May 2010, 08:15

Hello nickW
So, after 2 days of intensive use

I have nothing to complain about

no more crashes, whether of Firefox or of my explorer.exe

everything is back to normal and I want to thank you for it

and I am looking forward to the last security tips ^^

thanks again for the time you gave

Regards, 0smoz

Message by nickW » 06 May 2010, 01:02

Good evening,

Two preliminary remarks:

First:
partition D: is inaccessible (bad block). Run a chkdsk on partition D:
partition F: is full!


Second:
Is BitDefender 2008 really up to date?




If the PC no longer shows symptoms of infection, here is some additional advice (hardening & optimization) to apply:


An important piece of advice:
You need to create a new system restore point.
After cleaning the PC, the files stored in the System Restore folders must be emptied, then a new restore point created that will be usable if a problem occurs.
Method:
Turn off System Restore, turn System Restore back on, then create a new restore point.
Detailed explanations:
http://assiste.com.free.fr/p/comment/co ... ation.html


An important piece of advice:
When a new version of Sun's Java is installed, it is imperative to uninstall all the obsolete versions, whose vulnerabilities are used by "the malicious".
To do this:
JavaRa (by Fred de Vries and Paul McLain)
Download JavaRa from this page: http://raproducts.org/
(In the JavaRa article, click on Download Windows Binary (.zip file)).
Save the file JavaRa.zip on the Desktop.
Create a new folder named JavaRa and extract the whole archive into it (right-click, then Extract All).
Open the JavaRa folder then double-click JavaRa.exe to launch the tool.

Under "Select the language of your choice below" choose Français (via the drop-down list) and click the Select button.

Click the button "Effacer les anciennes versions" (remove the old versions) and confirm this choice by clicking Oui ("Êtes-vous sûr de vouloir poursuivre?").

Click OK twice.
A report will be displayed in Notepad. Close Notepad.
Close JavaRa.


A piece of advice:
Disable the automatic launch function ("autorun") on removable drives.
See this topic by Gof:
Guide to securing Windows against infectious USB threats
http://assiste.forum.free.fr/viewtopic.php?t=25228
Also read (by Gof):
Infections spreading through removable media: USB, Flash, etc.
http://forum.zebulon.fr/infections-par- ... 31959.html
... and its summary here


A piece of advice:
The free version of MBAM (Malwarebytes' Anti-Malware) remains usable for on-demand scans.
You can therefore choose to leave it installed and use it from time to time (for some "cleaning"), doing a manual update before requesting the scan.


A piece of advice:
It is possible to lighten the startup procedure and free up some system resources.
Some programs are considered "unnecessary at startup": they are launched systematically at every system startup (even if they are not used), they stay active and they use system resources.
It is essential to consult the list of startups (programs launched at startup) according to Pacman (Paul Collins) in order to decide (keep them at startup or not). See HERE.
Downloadable version (right-click on the link): http://assiste.com.free.fr/ftp/Startups-vf.chm
Note: The site is not up to date; the downloadable version must be used.
The following fall into this category:
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()--->automatic update: better to do it yourself
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\PadTouch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)--->automatic update: better to do it yourself

It is possible to use Spybot-S&D (in Tools---->System Startup, "Outils---->Démarrage système") to untick the lines corresponding to the programs whose automatic launch at every system startup you want to remove (unless the Pacman list gives specific indications).
If you regret it afterwards, you will just need to tick these lines again.


A piece of advice:
It is preferable to delete OTL (the downloaded file OTL.exe and the result files OTL.Txt and Extras.Txt located on the Desktop, as well as the working file fix.txt, if it exists).
Note: If it exists, the folder SystemDrive\_OTL contains backups. After checking that all the software on the PC works correctly, this folder can be deleted.
It is preferable to delete rkill (the downloaded rkill file, located on the Desktop).
It is preferable to delete Navilog1 (launch Navilog1 and choose option 4, delete the downloaded file Navilog1.exe and the result files navi*-*.txt).
It is preferable to delete JavaRa (the downloaded file JavaRa.zip, the JavaRa folder and the result file SystemDrive\JavaRa.log)
Empty the quarantines of the antivirus and of the anti-spyware.



And there you have it.

Bye,

PS:
If you consider this topic closed, could you put [OK] in front of the title of the first message. See HERE.
Thanks.
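The startup review described in the post above starts from the `O4 - HKLM..\Run` lines of the report. The following is an added example, not part of the original thread: it parses such lines into hive, key, value name, path and publisher, and prepares (name, executable) pairs to look up in a startup reference list. The sample is constructed from lines quoted in the post; the function names and the two grouping heuristics (empty publisher field, "update" in the name or path) are assumptions made for triage, not verdicts.

```python
import ntpath
import re

# Constructed sample: startup lines quoted in the post; text after "--->"
# is the helper's annotation, not OTL output.
SAMPLE = r"""O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()--->automatic update: better to do it yourself
O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\PadTouch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
"""

# O4 - <hive>..\<key>: [<value name>] <path> (<publisher>)[---><annotation>]
O4_RUN = re.compile(
    r"^O4 - (?P<hive>\w+)\.\.\\(?P<key>\w+): \[(?P<name>.+?)\] "
    r"(?P<path>.+) \((?P<publisher>[^()]*)\)(?:-+>(?P<note>.*))?$")

def parse_run_entries(text):
    """Parse O4 autostart lines; lines in any other format are skipped."""
    entries = []
    for line in text.splitlines():
        m = O4_RUN.match(line.strip())
        if not m:
            continue
        entry = m.groupdict()
        # ntpath handles Windows paths regardless of the OS running this script.
        entry["exe"] = ntpath.basename(entry["path"])
        entries.append(entry)
    return entries

def triage(entries):
    """Group entries for manual review against a startup reference list."""
    return {
        # Publisher field left empty in the report.
        "no_publisher": [e["name"] for e in entries if not e["publisher"]],
        # Name or path suggests an automatic updater.
        "updaters": [e["name"] for e in entries
                     if "update" in (e["name"] + e["path"]).lower()],
        # Keys to search for in the reference list.
        "lookup": sorted((e["name"], e["exe"]) for e in entries),
    }
```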

Message by 0smoz » 06 May 2010, 17:24

Thank you very much for your help

I really got a fast PC back and learned quite a lot thanks to you

I would like to thank you, but how???

I'm just struggling with the chkdsk; I don't know where to type it, in Run I suppose, but I don't want to do anything silly if that is not the case

and with reading the list of files that are unnecessary at startup

otherwise, about HDD F, it is an external drive with all the film, video and editing folders
and yes, the antivirus is up to date, because it has been carried over as an upgrade until the end of the year

Regards, 0smoz

Message by nickW » 07 May 2010, 00:16

Good evening,

1/ For the hard disk test:

Start ----> Run (Démarrer ----> Exécuter)
Type cmd then click OK

In the window with a black background that has opened, type:
chkdsk¤D:
(the ¤ character represents a space)
then press Enter


2/ What is the problem "with reading the list of files that are unnecessary at startup"?
You need to download the file http://assiste.com.free.fr/ftp/Startups-vf.chm (right-click on this link, then Save As...).
If an error message appears when opening this file, or if it displays an error page, see:
http://assiste.forum.free.fr/viewtopic.php?t=23901


3/ Partition F:, whether it belongs to an external disk or not, is full.
Windows will refuse to defragment it, and copies to this partition risk either failing or taking longer and longer.

To be continued,

Message by 0smoz » 07 May 2010, 16:06

Thanks a lot, everything is OK

Thanking you, regards, 0smoz
