[OK] Request for log analysis for a sluggish PC

Forum rules
Assiste.com has suspended decontamination assistance after almost 15 years on the old forum and then on this one. See:

Decontamination procedure 1 - Anti-malware
Anti-malware decontamination

Decontamination procedure 2 - Anti-malware and antivirus (La Manip)
La Manip - Standard decontamination procedure

Periodic maintenance of a Windows PC

Protecting browsers, browsing and privacy
Protecting the browser, browsing and privacy

Post by Gacko » 16 Mar 2010, 12:34

There, this time it worked fine. I think that the day before yesterday OTL had refused to overwrite the first report, which was still on the desktop.
Going through the report, it's crazy how many useless programs I've accumulated over the years, and I can't even remember what they're for! A good clean-up is in order ;-)

OTL logfile created on: 16/03/2010 12:29:24 - Run 3
OTL by OldTimer - Version 3.1.37.0 Folder = C:\Documents and Settings\Eric Jeuffrain\Bureau
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144,30 Gb Total Space | 86,36 Gb Free Space | 59,85% Space Free | Partition Type: NTFS
Drive D: | 149,01 Gb Total Space | 101,49 Gb Free Space | 68,11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 569,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D9PJ012J
Current User Name: Eric Jeuffrain
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/13 11:31:12 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe
PRC - [2010/01/23 19:26:21 | 007,403,336 | ---- | M] (Tencent Inc.) -- C:\Program Files\Foxmail\Foxmail.exe
PRC - [2009/10/01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/10/31 06:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008/10/31 06:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008/10/31 06:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008/09/14 19:44:32 | 001,831,424 | ---- | M] (Eric Wong) -- C:\Program Files\CircleDock0.9.2Alpha8.2\CircleDock0.9.2Alpha8.2\CircleDock.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/14 21:46:00 | 000,131,072 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe
PRC - [2006/11/13 14:07:02 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 14:06:52 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2005/09/15 10:47:22 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe


========== Modules (SafeList) ==========

MOD - [2010/03/13 11:31:12 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (wampmysqld)
SRV - File not found [On_Demand | Stopped] -- -- (wampapache)
SRV - [2010/03/07 19:17:05 | 002,462,256 | ---- | M] () [Auto | Running] -- c:\Program Files\Fichiers communs\Akamai\rswin_3648.dll -- (Akamai)
SRV - [2010/02/05 10:03:30 | 001,229,232 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/12/02 21:35:09 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/10/01 16:03:14 | 001,858,144 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/29 16:13:20 | 000,234,864 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/31 06:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008/10/31 06:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2007/11/14 21:46:00 | 000,131,072 | ---- | M] (Brio) [Auto | Running] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV - [2007/08/16 15:34:06 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2007/04/21 13:54:10 | 000,052,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007/01/19 11:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/01/04 18:25:30 | 000,069,632 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/07/27 22:04:40 | 000,094,208 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\ERM\7.0\ERMLicSrv_ATL70.exe -- (ERMLicSrv_ATL70)
SRV - [2002/03/15 21:37:46 | 000,081,920 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.netvibes.com/#General"
FF - prefs.js..extensions.enabledItems: {723AAF16-AF1F-4404-A5D7-0BFE39766605}:0.3.3
FF - prefs.js..extensions.enabledItems: fr@dictionaries.addons.mozilla.org:3.5
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.7
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.2
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.17
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.5.2
FF - prefs.js..extensions.enabledItems: {26af1522-982e-c0c4-f54a-7e69fb6432f5}:0.4.1
FF - prefs.js..extensions.enabledItems: {5546F97E-11A5-46b0-9082-32AD74AAA920}:0.5.5.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: timetrack@usablehack.com:1.2.5
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/04 08:53:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/10 15:32:26 | 000,000,000 | ---D | M]

[2009/12/19 11:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Extensions
[2010/03/15 18:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions
[2010/02/05 20:39:16 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/02/27 22:59:40 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/03/12 08:51:02 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/10/02 19:13:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/02 19:12:19 | 000,000,000 | ---D | M] (Get jetable mail) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{26af1522-982e-c0c4-f54a-7e69fb6432f5}
[2009/10/02 19:12:19 | 000,000,000 | ---D | M] (SearchBox Companion) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{305cdad7-3fd0-c3df-5947-68e5318f5a1c}
[2009/10/15 10:29:05 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/02/24 22:43:30 | 000,000,000 | ---D | M] (InFormEnter) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920}
[2010/01/10 18:23:20 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}(2)
[2009/10/02 19:12:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{723AAF16-AF1F-4404-A5D7-0BFE39766605}
[2009/10/02 19:12:21 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2009/10/02 19:12:23 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/11/04 20:07:49 | 000,000,000 | ---D | M] (Tor-Proxy.NET Toolbar) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{9815d32d-08c2-42ca-a8c6-43e501a4512f}
[2009/12/06 20:23:46 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/03/12 18:07:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/10/02 19:12:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2010/01/10 18:23:21 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2010/01/29 23:03:25 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/10/02 19:12:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/01/20 18:02:20 | 000,000,000 | ---D | M] (Torbutton) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010/03/08 13:13:30 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/12/11 21:57:55 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2010/01/10 18:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\autopager@mozilla(2).org
[2009/10/02 19:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\dlembed@aeruder.net
[2010/01/10 18:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\firefox@red-cog(2).com
[2010/02/07 20:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\fr@dictionaries.addons.mozilla.org
[2009/10/02 19:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\info@visual-search.net
[2009/10/02 19:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\extensions\timetrack@usablehack.com
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\qza9jd1f.eric\extensions
[2009/10/02 19:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\qza9jd1f.eric\extensions\staged-xpis
[2009/12/13 20:47:04 | 000,002,172 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mozilla\Firefox\Profiles\he64hvt1.default\searchplugins\bing.xml
[2010/03/15 18:44:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/11/11 08:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2008/12/11 18:08:27 | 000,056,576 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2007/03/10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2010/01/24 21:27:15 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/24 21:27:15 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/24 21:27:15 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/24 21:27:15 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/24 21:27:15 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/12/02 22:52:18 | 000,001,272 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Ziepod One-Click Helper) - {57A30D1E-08B9-4EF4-B273-AAEA1C234A5B} - C:\WINDOWS\system32\ZiepodOneClicker.dll (Ziepod)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON SX410 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\CircleDock.lnk = C:\Program Files\CircleDock0.9.2Alpha8.2\CircleDock0.9.2Alpha8.2\CircleDock.exe (Eric Wong)
O4 - Startup: C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.euro.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 7372360796 (MUWebControl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/activex/MaConfig_3_5_1_0.cab (HardwareDetection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Eric Jeuffrain\Application Data\XnView\xnviewshell_wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Eric Jeuffrain\Application Data\XnView\xnviewshell_wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/01 07:17:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/04/06 11:41:12 | 000,000,064 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{e5cf847c-5bc9-11dc-869f-0011675b9253}\Shell - "" = AutoRun
O33 - MountPoints2\{e5cf847c-5bc9-11dc-869f-0011675b9253}\Shell\AutoRun\command - "" = L:\cle_usb2.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/15 18:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Conjugaison
[2010/03/14 18:39:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/03/13 11:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/13 11:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/13 11:34:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Malwarebytes
[2010/03/13 11:34:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/13 11:34:31 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/13 11:34:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/13 11:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/13 11:31:09 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe
[2010/03/12 19:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Bureau\SASPlanet
[2010/03/12 18:08:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\dwhelper
[2010/03/12 08:44:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/03/10 14:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/03/10 13:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2010/03/10 13:12:06 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2010/03/10 13:12:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\a-squared Free
[2010/03/10 13:03:15 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/03/10 13:03:03 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/03/10 12:59:40 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
[2010/03/10 12:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/10 12:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Lavasoft
[2010/03/10 11:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/03/09 11:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\MP3Gain
[2010/03/08 12:12:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\Mes sources de données
[2010/03/03 15:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Wswin
[2009/11/03 08:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2009/10/19 10:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help
[2009/02/12 07:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/02/11 18:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2008/01/22 19:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/09/16 19:23:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2007/08/16 11:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall

========== Files - Modified Within 14 Days ==========

[2010/03/16 12:28:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2010/03/16 12:04:28 | 000,195,150 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/03/16 12:04:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/16 12:04:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/16 12:04:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/16 12:04:17 | 2145,538,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/15 23:14:40 | 013,107,200 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\ntuser.dat
[2010/03/15 23:14:40 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Eric Jeuffrain\ntuser.ini
[2010/03/15 22:52:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/15 21:30:17 | 000,002,189 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\.recently-used.xbel
[2010/03/15 19:28:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1187544455.job
[2010/03/15 15:43:22 | 046,785,391 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\adsl TV 2010-03-15 15-41-11 Equidia.mpg
[2010/03/15 15:11:38 | 142,897,443 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\adsl TV 2010-03-15 15-04-59 Equidia.mpg
[2010/03/15 12:42:52 | 000,065,896 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\vfalwuc79q.jpg
[2010/03/14 21:44:47 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/14 20:00:09 | 000,196,608 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/13 17:31:19 | 407,965,335 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\adsl TV 2010-03-13 17-12-35 Equidia.mpg
[2010/03/13 11:36:33 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/03/13 11:31:12 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Eric Jeuffrain\Bureau\OTL.exe
[2010/03/12 18:00:00 | 000,000,426 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Eric Jeuffrain.job
[2010/03/12 17:13:55 | 001,138,422 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/12 17:13:55 | 000,518,410 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/03/12 17:13:55 | 000,449,228 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/12 17:13:55 | 000,087,946 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/03/12 17:13:55 | 000,074,182 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/12 09:23:39 | 000,000,935 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/12 09:20:20 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/10 16:23:54 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dossier de téléchargement Share-to-Web
[2010/03/10 13:19:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/10 13:03:03 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/03/09 20:35:45 | 079,906,816 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\Catalogue en cours.ccd
[2010/03/05 17:21:20 | 000,102,757 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\devenir_marechal.pdf

========== Files Created - No Company Name ==========

[2010/03/15 21:30:17 | 000,002,189 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\.recently-used.xbel
[2010/03/15 15:41:12 | 046,785,391 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\adsl TV 2010-03-15 15-41-11 Equidia.mpg
[2010/03/15 15:05:02 | 142,897,443 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\adsl TV 2010-03-15 15-04-59 Equidia.mpg
[2010/03/15 12:42:50 | 000,065,896 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\vfalwuc79q.jpg
[2010/03/13 17:12:37 | 407,965,335 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Mes documents\adsl TV 2010-03-13 17-12-35 Equidia.mpg
[2010/03/13 11:36:33 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010/03/12 12:59:41 | 2145,538,048 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/10 16:23:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dossier de téléchargement Share-to-Web
[2010/03/10 15:32:35 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/03/10 13:03:45 | 000,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/05 17:21:18 | 000,102,757 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Bureau\devenir_marechal.pdf
[2010/02/04 19:30:48 | 000,021,760 | ---- | C] () -- C:\WINDOWS\System32\MG16.DLL
[2010/02/04 19:30:46 | 000,040,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\mgnt.sys
[2010/01/12 22:28:51 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\binkw32.dll
[2009/09/21 18:07:35 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\ADC2C7756C.sys
[2009/08/01 22:27:21 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\AutoGK.ini
[2009/07/08 14:36:09 | 000,000,155 | ---- | C] () -- C:\WINDOWS\WinDrvGhost.ini
[2009/06/21 20:01:14 | 000,000,520 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2009/05/16 15:34:25 | 000,000,137 | ---- | C] () -- C:\WINDOWS\MyDrivers.ini
[2009/05/16 11:49:43 | 000,000,024 | ---- | C] () -- C:\WINDOWS\system.sys
[2009/03/23 19:49:42 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ShLog.txt
[2009/03/23 19:38:38 | 000,003,522 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\ShLog.txt
[2009/03/01 19:55:41 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/02/17 18:22:53 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2009/01/17 10:40:23 | 000,000,385 | ---- | C] () -- C:\WINDOWS\exifmanager.ini
[2008/12/22 19:56:52 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2008/12/20 14:28:04 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\$_hpcst$.hpc
[2008/11/27 18:28:36 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008/11/27 18:28:36 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008/11/27 18:28:36 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2008/09/07 18:22:35 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2008/08/22 22:51:41 | 000,000,443 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2008/06/26 05:24:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/06/26 05:24:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/06/26 05:24:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/06/26 05:24:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/06/26 05:24:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/03/25 21:10:28 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\812266F955.sys
[2008/03/25 21:10:15 | 000,007,308 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/03/16 18:22:48 | 000,004,093 | ---- | C] () -- C:\WINDOWS\NSAID.INI
[2008/03/15 17:19:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008/02/16 15:52:27 | 000,000,036 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2008/01/26 22:55:09 | 000,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2008/01/23 20:49:11 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2008/01/09 10:36:49 | 000,408,576 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008/01/09 10:36:49 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008/01/06 14:10:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2007/12/06 21:33:18 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/12/06 21:33:18 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/12/06 21:33:17 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/12/06 21:33:17 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007/11/08 21:10:20 | 001,880,064 | -HS- | C] () -- C:\Program Files\ehthumbs.db
[2007/10/13 15:55:06 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007/09/28 17:34:34 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2007/09/18 20:18:48 | 000,000,075 | ---- | C] () -- C:\WINDOWS\winDecrypt.INI
[2007/09/18 20:18:15 | 000,000,036 | ---- | C] () -- C:\WINDOWS\verypdf.ini
[2007/09/18 19:58:00 | 000,000,167 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI
[2007/09/16 19:29:35 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/22 10:41:03 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvGarmin.dll
[2007/08/22 10:41:03 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMagellan.dll
[2007/08/22 10:41:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSena.dll
[2007/08/22 10:41:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvMlr.dll
[2007/08/22 10:41:03 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvLowrance.dll
[2007/08/22 10:41:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSilva.dll
[2007/08/22 10:41:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvPyx.dll
[2007/08/22 10:41:03 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvAvmap.dll
[2007/08/22 10:41:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\OgcDrvSuu.dll
[2007/08/22 10:40:14 | 000,688,128 | ---- | C] () -- C:\WINDOWS\System32\BCGCB474.dll
[2007/08/22 10:40:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\CP30FW.DLL
[2007/08/22 10:40:14 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ConversApi.dll
[2007/08/22 10:40:14 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\Polyclip.dll
[2007/08/22 10:40:14 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\BCGCBResFRA.dll
[2007/08/22 10:40:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Ogc.dll
[2007/08/22 10:40:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Nmea.dll
[2007/08/22 10:40:14 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\RCalcul.dll
[2007/08/20 20:31:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\planning.INI
[2007/08/20 20:31:02 | 000,003,517 | ---- | C] () -- C:\WINDOWS\HyperPage.INI
[2007/08/19 18:19:40 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/08/18 09:07:23 | 000,002,552 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2007/08/18 09:07:22 | 000,000,190 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/08/16 19:21:57 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/08/16 17:05:30 | 000,000,158 | ---- | C] () -- C:\WINDOWS\pagesuit.ini
[2007/08/16 17:05:29 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2007/08/16 15:22:43 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/08/16 13:01:00 | 000,196,608 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/16 12:59:21 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/08/16 12:50:03 | 000,639,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/08/16 11:26:52 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Eric Jeuffrain\Local Settings\Application Data\fusioncache.dat
[2006/01/04 18:35:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/01/04 18:32:23 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/01/04 18:26:05 | 000,005,811 | R--- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2006/01/04 18:02:56 | 000,004,969 | ---- | C] () -- C:\WINDOWS\System32\Sigfilt.ini
[2006/01/04 18:02:56 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/01/04 18:02:40 | 001,345,520 | ---- | C] () -- C:\WINDOWS\System32\CTMBHA.DLL
[2006/01/04 18:02:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2006/01/04 18:02:36 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini
[2006/01/04 18:02:34 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2006/01/04 18:02:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\hcwXDS.dll
[2006/01/04 18:02:06 | 000,000,537 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/09/01 07:12:11 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/05 16:38:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/11/18 00:37:20 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/10/15 23:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/05/29 14:50:02 | 000,552,960 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2002/03/06 22:19:16 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2001/05/23 14:30:18 | 000,007,165 | ---- | C] () -- C:\WINDOWS\CDex.INI
[2001/01/12 10:52:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\vbpng.dll
[2000/10/25 17:15:00 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll

========== LOP Check ==========

[2009/12/19 11:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2009/07/05 10:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2009/03/17 19:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/01/25 21:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bitmeter2
[2009/04/25 16:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bluetooth
[2009/12/24 14:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009/01/26 09:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/02/02 16:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009/05/30 19:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2010/01/25 19:56:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments
[2010/01/30 17:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/06/09 21:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010/01/13 13:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2010/02/19 14:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2010/01/13 14:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/05/29 17:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skyline
[2007/09/18 19:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2007/09/01 19:52:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2007/08/31 14:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/03/05 18:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2006/01/04 18:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/03/10 12:59:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
[2009/05/29 18:19:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2010/02/14 19:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Azureus
[2010/01/25 21:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Bitmeter2
[2007/08/20 20:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\cByo
[2009/02/07 16:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\convertisseur
[2009/09/11 08:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dealio
[2010/03/10 16:23:54 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Dossier de téléchargement Share-to-Web
[2009/12/19 12:08:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\EPSON
[2010/03/08 22:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\FileZilla
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\GARMIN
[2008/01/26 23:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\GlarySoft
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\GrabIt
[2009/10/27 18:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Groobax
[2010/03/15 21:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\gtk-2.0
[2009/09/24 21:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Hrsim
[2009/12/19 11:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Inkscape
[2008/09/05 07:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\iPodder
[2010/01/10 19:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\KompoZer
[2010/01/08 16:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\kompozer.net
[2008/08/25 21:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Leadertech
[2009/07/10 20:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\MapInfo
[2009/05/22 09:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mindscape
[2008/03/15 22:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Mp3tag
[2007/08/16 19:53:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\MSNInstaller
[2010/01/30 17:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\NCH Swift Sound
[2009/05/01 16:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Netscape
[2008/07/26 18:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Nitro PDF
[2010/01/13 18:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Nokia
[2010/01/13 18:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Nokia Ovi Suite
[2010/02/10 19:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Notepad++
[2009/05/08 11:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\PACE Anti-Piracy
[2009/09/25 13:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\PC Suite
[2009/03/23 19:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Regrun
[2009/05/21 19:26:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Skyline
[2008/07/22 21:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\SolidDocuments
[2008/09/05 18:08:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Summer Athletics 2008
[2007/10/05 20:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Teleca
[2008/09/15 21:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\Template
[2009/02/28 23:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\TotalRecorder
[2010/03/12 16:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Eric Jeuffrain\Application Data\XnView
[2010/03/14 21:44:47 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2007/11/18 18:06:13 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1187280336.job
[2010/03/15 19:28:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1187544455.job
[2007/08/17 22:45:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job
[2010/03/16 12:28:00 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job

========== Purity Check ==========


<End>
Gacko
 
Posts: 11
Joined: 12 Mar 2010, 22:15
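
The file listings in the OTL report above all follow one line layout, so they can be parsed and triaged mechanically. The Python code below is an added example, not part of the original post and not OTL's own code; the field meanings (size in bytes, R/H/S/D attribute flags, C = created, M = modified) are assumptions read off the report's layout, and `review_candidates` is a hypothetical triage filter that selects lines for a human to look at, not a verdict on any file. The sample lines are copied from the report above.

```python
import re
from datetime import datetime
from typing import NamedTuple, Optional

# Assumed layout, read off the report: [date time | size | attrs | C or M] (company) -- path
# "(company)" is missing on directory lines and empty, "()", when no company name is shown.
LINE_RE = re.compile(
    r"^\[(?P<date>\d{4}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2})"
    r" \| (?P<size>[\d,]+) \| (?P<attrs>[RHSD-]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>[^)]*)\))? -- (?P<path>.+)$"
)
SECTION_RE = re.compile(r"^=+ (?P<name>.+?) =+$")


class Entry(NamedTuple):
    when: datetime
    size: int                # bytes, thousands separators removed
    attrs: frozenset         # subset of R, H, S, D (assumed: read-only, hidden, system, directory)
    kind: str                # "C" (created) or "M" (modified), as the section titles suggest
    company: Optional[str]   # None on directory lines, "" when the report shows "()"
    path: str

    @property
    def is_dir(self):
        return "D" in self.attrs


def parse_line(line):
    """Return an Entry for one listing line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    when = datetime.strptime(f"{m['date']} {m['time']}", "%Y/%m/%d %H:%M:%S")
    # The first size group can exceed three digits ("2145,538,048"), so the
    # separators are stripped rather than validated.
    size = int(m["size"].replace(",", ""))
    attrs = frozenset(m["attrs"].replace("-", ""))
    return Entry(when, size, attrs, m["kind"], m["company"], m["path"])


def parse_report(text):
    """Group listing lines under the '========== name ==========' header above them."""
    sections, current = {}, None
    for line in text.splitlines():
        header = SECTION_RE.match(line.strip())
        if header:
            current = header["name"]
            sections[current] = []
            continue
        entry = parse_line(line)
        if entry is not None and current is not None:
            sections[current].append(entry)
    return sections


def review_candidates(entries):
    """Hypothetical triage rule: hidden + system files under System32 with no
    company name. Legitimate software creates such files too, so the result is
    a reading list for the analyst, nothing more."""
    picked = []
    for e in entries:
        in_system32 = "\\system32\\" in e.path.lower()
        if not e.is_dir and e.company == "" and {"H", "S"} <= e.attrs and in_system32:
            picked.append(e)
    return picked


# Lines copied from the report above.
SAMPLE = r"""
========== Files - Modified Within 14 Days ==========

[2010/03/16 12:04:17 | 2145,538,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/10 13:03:03 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys

========== Files Created - No Company Name ==========

[2010/03/10 15:32:35 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/09/21 18:07:35 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\ADC2C7756C.sys
[2008/03/25 21:10:15 | 000,007,308 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/11/08 21:10:20 | 001,880,064 | -HS- | C] () -- C:\Program Files\ehthumbs.db

========== LOP Check ==========

[2010/03/10 12:59:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
"""

if __name__ == "__main__":
    for name, entries in parse_report(SAMPLE).items():
        print(f"{name}: {len(entries)} entries")
        for e in review_candidates(entries):
            print(f"  review: {e.path} ({e.size} bytes, created/modified flag {e.kind})")
```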

Post by nickW » 17 Mar 2010, 00:31

Good evening,

Besides the "useless programs", you should also plan to clean out the temporary folders more regularly: 793 MB were deleted by OTL.


The reports you sent look much "cleaner" to me.


Can you tell me how the PC is behaving?

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No log analysis requests by PM (private message)
Moderator
 
Posts: 21698
Joined: 20 May 2004, 17:41
Location: Dordogne/Île de France

Post by Gacko » 18 Mar 2010, 11:21

That's it, I have removed a lot of useless programs and run a defrag again.
Overall there is a noticeable improvement when starting Windows and the various programs :D Much appreciated!
As for the internet (the Freebox is connected to the PC over Ethernet), pages still take longer to display than on my wife's laptop, which is on Wi-Fi. I have never understood why. Probably the better performance of a recent computer and of Windows 7 :Mouaaarrrrffffffff:
A big, sincere thank you for your help, your patience and your expertise. I owe you one if you ever need a hand with digital mapping software.
Have a nice day.

Post by nickW » 20 Mar 2010, 01:48

Good evening,

If the PC no longer shows any symptoms of infection, here is some additional advice (hardening & optimization) to apply:


Important advice:
You need to create a new system restore point.
After cleaning the PC, you need to empty the files stored in the System Restore folders, then create a new restore point that can be used if a problem arises.
Method:
Disable System Restore, re-enable System Restore, then create a new restore point.
Detailed explanations:
http://assiste.com.free.fr/p/comment/co ... ation.html


Important advice:
Install the new version of Sun's Java.

Current version: Java SE Runtime Environment (JRE) 6 Update 18 - JRE 6 Update 18
*- http://java.sun.com/javase/downloads/index.jsp

In the "Java Platform, Standard Edition" paragraph, click the Download JRE button.

On the next page, in the "Provide Information, then Continue to Download" paragraph, choose the platform (Windows/Windows x64), tick the box in front of "I agree to the Java SE Runtime Environment 6u18 with JavaFX 1 License Agreement.", then click the Continue >> button.

On the new page, under "Windows Offline Installation", download the file jre-6u18-windows-i586.exe, 15.20 MB

After installing the new version, it is essential to uninstall all the obsolete versions, whose vulnerabilities are used by "malicious parties".
To do this:
JavaRa (by Fred de Vries and Paul McLain)
Download JavaRa from this page: http://raproducts.org/
(In the JavaRa article, click Download Windows Binary (.zip file)).
Save the file JavaRa.zip to the Desktop.
Create a new folder named JavaRa and extract the whole archive into it (right-click, then Extract All).
Open the JavaRa folder, then double-click JavaRa.exe to launch the tool.

Under "Select the language of your choice below", choose Français (from the drop-down list) and click the Select button.

Click the "Effacer les anciennes versions" (remove the old versions) button and confirm this choice by clicking Oui (Yes) when asked "Êtes-vous sûr de vouloir poursuivre?" (are you sure you want to continue?).

Click OK twice.
A report will open in Notepad. Close Notepad.
Close JavaRa.


Advice:
Disable the automatic launch feature ("autorun") on removable drives.
See this topic by Gof:
Guide to securing Windows against USB-borne infections
http://assiste.forum.free.fr/viewtopic.php?t=25228
Also read (by Gof):
Infections that spread through removable media: USB, Flash, etc.
http://forum.zebulon.fr/infections-par- ... 31959.html
... and its summary here


Important advice:
Rule out any use of illicit P2P!
eMule is the antithesis of security (© Jim Rakoto).
Azureus is hardly any better.


Advice:
The free version of MBAM (Malwarebytes' Anti-Malware) can still be used to run on-demand scans.
So you can choose to leave it installed and use it from time to time (for "cleaning"), running a manual update before starting the scan.


Advice:
Read "What behaviour should you adopt at all times?"
Read the "security kit" recommendations and apply their preventive measures.


Advice:
Remember the updates.

Spybot - Search & Destroy 1.6.2 (1.4) - http://www.safer-networking.org/fr/download/index.html
Unlocker 1.8.9 (1.8.8) - http://ccollomb.free.fr/unlocker/
VLC media player 1.0.5 (1.0.0) - http://www.fr.videolan.org/
GIMP 2.6.8 (2.6.6) - http://gimp-win.sourceforge.net/
XnView 1.97.2 (1.96.5) - http://www.xnview.com/fr/index.html


Advice:
- It is preferable to delete OTL (the downloaded file OTL.exe and the result files OTL.Txt and Extras.Txt located on the Desktop, as well as the working file fix.txt, if it exists).
Note: If it exists, the folder SystemDrive\_OTL contains backups. Once you have checked that all the software on the PC works correctly, this folder can be deleted.
- It is preferable to delete JavaRa (the downloaded file JavaRa.zip, the JavaRa folder and the result file SystemDrive\JavaRa.log)
- Empty the quarantines of the antivirus and the anti-spyware.


And there you have it.

Bye,

PS:
If you consider this topic closed, can you put [OK] in front of the title of the first message? See HERE.
Thanks.
