Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business
  


  


  nettoyer pc après infection

 

23 utilisateurs inconnus
Ajouter une réponse

 Mot :  Pseudo :  
Vider la liste des messages à citer  
 Page :
1
Auteur
 Sujet :

nettoyer pc après infection

Prévenir les modérateurs en cas d'abus 
n°507853
teter95
Posté le 05-06-2010 à 00:15:28  answer
Prévenir les modérateurs en cas d'abus
 

Bonjour
 system exploitation: windows xp pro sp3
 antivirus: kaspersky internet security 2010
 anti spyware: malwarebytes et spybot
 Ma question:
 En voulant faire un scan en mode sans echec avec malwarebytes en administrateur, celui-ci ne se lance pas.me demande d'envoyer le rapport erreur:MBMA_ERROR_EXPANDING_VA​RIABLES 0.9
 2eme message:MBMA_ERROR_MISSING_FIL​E 3.0,MBAMSWISSARMY.SYS le chemin d'acces specifié est introuvable.en mode normal il fonctionne très bien.
 Rapport RSIT:
 J'ai aussi fais un scan en ligne avec eset qui ma sorti 13troyens.
 si quelqu'un peut me traduire le rapport RSIT (c cool)
 besoin autre renseignement
 merci cordialement

 EDITION MODERATEUR : Règle du forum à respecter :

 Pas de rapport avant qu'il n'en soit demandé un ! :o

 Veuillez lire l'article suivant :
 http://forum.telecharger.01net [...] ges-1.html

 Merci d'en prendre connaissance.


 désolé autant pour moi.
 le lien n'aboutis sur rien.

n°507854
Profil supprimé
Posté le 05-06-2010 à 16:43:59  answer
Prévenir les modérateurs en cas d'abus
 

Salut, mettre votre log RSIT je vais regarder cela.

n°507855
teter95
Posté le 05-06-2010 à 18:38:34  answer
Prévenir les modérateurs en cas d'abus
 

Salut,
 J'ai desactiver spybot pour faire le test,
 Logfile of random's system information tool 1.07 (written by random/random)
 Run by titi at 2010-06-05 18:29:59
 Microsoft Windows XP Professionnel Service Pack 3
 System drive C: has 27 GB (9%) free of 305 GB
 Total RAM: 3071 MB (82% free)

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 18:30:17, on 05/06/2010
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\WINDOWS\ATKKBService.exe
 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.​exe
 C:\WINDOWS\system32\wbem\wmiap​srv.exe
 C:\WINDOWS\Explorer.EXE
 C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
 C:\WINDOWS\RTHDCPL.EXE
 C:\Documents and Settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe
 C:\WINDOWS\system32\ctfmon.exe​
 C:\Documents and Settings\titi\Local Settings\Application Data\Google\Update\1.2.183.23\​GoogleCrashHandler.exe
 C:\RSIT.exe
 C:\Program Files\trend micro\titi.exe

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = about:blank
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = about:blank
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderName = Liens
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9C​CA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll​
 O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F7​6A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
 O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe" /c
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe​
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'Default user')
 O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
 O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F0​8212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
 O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909​053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA​91D2FC3} (MUWebControl Class) - http://www.update.microsoft.co [...] 7976364843
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O17 - HKLM\System\CCS\Services\Tcpip​\..\{956113AD-93B1-430B-86F6-1​828EC845D6A}: NameServer = 212.27.40.240,212.27.40.241
 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\​mzvkbd3.dll,C:\PROGRA~1\KASPER​~1\KASPER~1\kloehk.dll
 O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C​90312E1} - C:\WINDOWS\system32\browseui.d​ll
 O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\WINDOWS\system32\browseui.d​ll
 O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
 O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
 O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.ex​e
 O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1​1\Intel 32\IDriverT.exe
 O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.ex​e
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.e​xe
 O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.ex​e
 O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.e​xe
 O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.e​xe
 O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.​exe
 O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
 O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiap​srv.exe

 --
 End of file - 7633 bytes

 ======Scheduled tasks folder======

 C:\WINDOWS\tasks\AppleSoftware​Update.job
 C:\WINDOWS\tasks\GoogleUpdateT​askUserS-1-5-21-2000478354-129​2428093-839522115-1003Core.job​
 C:\WINDOWS\tasks\GoogleUpdateT​askUserS-1-5-21-2000478354-129​2428093-839522115-1003UA.job
 C:\WINDOWS\tasks\MyDefrag v4.2.9 Daily.job
 C:\WINDOWS\tasks\User_Feed_Syn​chronization-{1C367D9E-5BD4-45​EF-AF6D-A83A3F79EA4E}.job

 ======Registry dump======

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
 Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll [2010-04-04 75200]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
 Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll [2009-01-26 1879896]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
 IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
 Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll​ [2010-04-18 41760]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
 FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
 JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll [2010-04-18 79648]

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
 "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
 "NvCplDaemon"=C:\WINDOWS\syste​m32\NvCpl.dll [2010-04-03 13670504]
 "SunJavaUpdateSched"=C:\Progra​m Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
 "RTHDCPL"=C:\WINDOWS\RTHDCPL.E​XE [2006-06-28 16248320]
 "Alcmtr"=C:\WINDOWS\ALCMTR.EXE​ [2005-05-03 69632]

 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
 "Google Update"=C:\Documents and Settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe [2010-05-07 136176]
 "ctfmon.exe"=C:\WINDOWS\system​32\ctfmon.exe [2008-04-14 15360]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adob​e ARM]
 C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe [2010-03-24 952768]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adob​e Reader Speed Launcher]
 C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS​ SmartDoctor]
 []

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
 C:\Program Files\ASUS\GamerOSD\GamerOSD.e​xe [2007-10-23 380928]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamserviceHD]
 C:\Program Files\Hercules\Dualpix HD\XtrCtrl.exe [2009-10-19 2913576]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEM​ON Tools Lite]
 C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
 C:\PROGRA~1\Eraser\Eraser.exe [2010-04-10 979344]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
 C:\Program Files\iTunes\iTunesHelper.exe [2010-03-26 142120]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Quic​kTime Task]
 C:\Program Files\QuickTime\QTTask.exe -atboottime []

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
 C:\Program Files\Brother\Brmfl06a\BrStDvP​t.exe [2005-01-26 49152]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt2]
 []

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
 C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C​:^Documents and Settings^titi^Menu Démarrer^Programmes^Démarrage^Spamihilator.lnk]
 []

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
 "UxTuneUp"=2
 "TuneUp.Defrag"=3
 "iPod Service"=3
 "Bonjour Service"=2
 "Apple Mobile Device"=2
 "NMSAccessU"=2

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
 "AppInit_DLLS"="C:\PROGRA~1\KA​SPER~1\KASPER~1\mzvkbd3.dll,C:​\PROGRA~1\KASPER~1\KASPER~1\kl​oehk.dll"

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
 C:\WINDOWS\system32\klogon.dll​ [2009-10-20 219664]

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymSMR100]

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
 "dontdisplaylastusername"=0
 "legalnoticecaption"=
 "legalnoticetext"=
 "shutdownwithoutlogon"=1
 "undockwithoutlogon"=1

 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
 "NoDriveTypeAutoRun"=145
 "NoActiveDesktop"=0x00000000

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
 "HonorAutoRunSetting"=
 "NoDriveTypeAutoRun"=

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"
 "C:\Program Files\Bonjour\mDNSResponder.ex​e"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
 "C:\Program Files\iTunes\iTunes.exe"="C:\P​rogram Files\iTunes\iTunes.exe:*:Enabled:iTunes"
 "C:\Program Files\uTorrent\uTorrent.exe"="​C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 "%windir%\system32\sessmgr.exe​"="%windir%\system32\sessmgr.e​xe:*:enabled:@xpsp2res.dll,-22​019"
 "%windir%\Network Diagnostic\xpnetdiag.exe"="%wi​ndir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
 "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:​\Program Files\Windows Live\Messenger\wlcsdk.exe:*:En​abled:Windows Live Call"
 "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C​:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:E​nabled:Windows Live Messenger"

 ======List of files/folders created in the last 1 months======

 2010-06-05 15:05:52 ----A---- C:\setup_9.0.0.722_05.06.2010_​15-36.exe
 2010-06-05 14:41:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
 2010-06-04 10:51:50 ----SHD---- C:\Config.Msi
 2010-06-04 10:41:23 ----HDC---- C:\WINDOWS\$NtUninstallKB98179​3$
 2010-06-04 10:28:22 ----A---- C:\WINDOWS\SchedLgU.Txt
 2010-06-04 10:22:10 ----D---- C:\Program Files\Microsoft Baseline Security Analyzer 2
 2010-06-04 10:02:17 ----A---- C:\WINDOWS\ntbtlog.txt
 2010-06-03 22:37:59 ----A---- C:\NPE.exe
 2010-06-03 18:11:05 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
 2010-06-03 07:23:43 ----D---- C:\sp3
 2010-06-03 07:23:26 ----D---- C:\Nouveau dossier
 2010-06-03 07:23:13 ----D---- C:\xpsp3
 2010-06-02 15:10:00 ----A---- C:\WINDOWS\system32\tmp.txt
 2010-06-02 15:09:21 ----A---- C:\WINDOWS\system32\WS2Fix.exe​
 2010-06-02 15:09:20 ----N---- C:\WINDOWS\system32\Process.ex​e
 2010-06-02 15:09:20 ----A---- C:\WINDOWS\system32\VCCLSID.ex​e
 2010-06-02 15:09:20 ----A---- C:\WINDOWS\system32\swxcacls.e​xe
 2010-06-02 15:09:20 ----A---- C:\WINDOWS\system32\swsc.exe
 2010-06-02 15:09:20 ----A---- C:\WINDOWS\system32\swreg.exe
 2010-06-02 15:09:20 ----A---- C:\WINDOWS\system32\SrchSTS.ex​e
 2010-06-02 15:09:20 ----A---- C:\WINDOWS\system32\dumphive.e​xe
 2010-06-02 14:49:29 ----D---- C:\rsit
 2010-06-02 14:49:29 ----D---- C:\Program Files\trend micro
 2010-06-02 14:43:15 ----A---- C:\RSIT.exe
 2010-06-01 17:25:27 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
 2010-05-31 23:24:42 ----D---- C:\Program Files\RegCleaner
 2010-05-30 04:16:06 ----D---- C:\Program Files\uTorrent
 2010-05-29 23:08:49 ----D---- C:\Program Files\Recuva
 2010-05-29 16:27:13 ----D---- C:\MFT 28
 2010-05-29 16:26:36 ----D---- C:\MFT 3418
 2010-05-29 15:43:15 ----D---- C:\Program Files\CCleaner
 2010-05-27 00:49:05 ----A---- C:\WINDOWS\system32\uxtuneup.d​ll
 2010-05-27 00:19:01 ----A---- C:\WINDOWS\system32\TURegOpt.e​xe
 2010-05-27 00:18:35 ----D---- C:\Documents and Settings\titi\Application Data\TuneUp Software
 2010-05-27 00:18:22 ----D---- C:\Program Files\TuneUp Utilities 2010
 2010-05-27 00:17:47 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
 2010-05-27 00:05:56 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-​0E7C3C0185CC}
 2010-05-24 21:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB97854​2$
 2010-05-10 15:46:12 ----SHD---- C:\WINDOWS\CSC
 2010-05-08 22:39:08 ----D---- C:\Documents and Settings\titi\Application Data\Media Player Classic
 2010-05-08 22:36:38 ----A---- C:\WINDOWS\system32\unrar.dll
 2010-05-08 11:28:36 ----HD---- C:\WINDOWS\PIF
 2010-05-07 23:48:28 ----D---- C:\Program Files\Eraser

 ======List of files/folders modified in the last 1 months======

 2010-06-05 18:28:21 ----D---- C:\WINDOWS\system32\CatRoot2
 2010-06-05 17:43:29 ----D---- C:\WINDOWS\Temp
 2010-06-05 17:24:45 ----SHD---- C:\System Volume Information
 2010-06-05 17:24:45 ----D---- C:\WINDOWS\system32\Restore
 2010-06-05 17:15:22 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
 2010-06-05 17:14:42 ----D---- C:\WINDOWS
 2010-06-05 15:19:50 ----HD---- C:\WINDOWS\inf
 2010-06-05 15:19:50 ----D---- C:\WINDOWS\system32\drivers
 2010-06-05 15:00:02 ----D---- C:\WINDOWS\Prefetch
 2010-06-05 14:41:51 ----RD---- C:\Program Files
 2010-06-04 22:39:15 ----SD---- C:\Documents and Settings\titi\Application Data\Microsoft
 2010-06-04 14:28:01 ----RSD---- C:\WINDOWS\assembly
 2010-06-04 14:25:07 ----D---- C:\WINDOWS\Microsoft.NET
 2010-06-04 10:53:28 ----SHD---- C:\WINDOWS\Installer
 2010-06-04 10:53:08 ----D---- C:\WINDOWS\system32
 2010-06-04 10:53:08 ----A---- C:\WINDOWS\system32\PerfString​Backup.INI
 2010-06-04 10:52:35 ----D---- C:\WINDOWS\WinSxS
 2010-06-04 10:28:44 ----D---- C:\WINDOWS\Debug
 2010-06-03 07:22:10 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
 2010-06-03 07:19:21 ----SD---- C:\WINDOWS\Tasks
 2010-06-03 07:15:46 ----SH---- C:\boot.ini
 2010-06-03 07:15:46 ----A---- C:\WINDOWS\win.ini
 2010-06-03 07:15:46 ----A---- C:\WINDOWS\system.ini
 2010-06-02 22:55:45 ----D---- C:\Program Files\MyDefrag v4.2.9
 2010-06-02 17:37:04 ----D---- C:\WINDOWS\system32\appmgmt
 2010-06-02 00:59:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
 2010-06-02 00:56:27 ----D---- C:\WINDOWS\ehome
 2010-06-01 23:36:10 ----D---- C:\Documents and Settings\titi\Application Data\uTorrent
 2010-06-01 16:43:32 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
 2010-06-01 15:56:30 ----D---- C:\WINDOWS\system32\inetsrv
 2010-05-30 03:53:07 ----D---- C:\WINDOWS\twain_32
 2010-05-29 15:45:16 ----D---- C:\WINDOWS\system32\config
 2010-05-29 15:45:11 ----D---- C:\WINDOWS\system32\wbem
 2010-05-29 15:45:11 ----D---- C:\WINDOWS\Registration
 2010-05-27 01:17:54 ----D---- C:\Documents and Settings\titi\Application Data\vlc
 2010-05-24 22:30:38 ----A---- C:\WINDOWS\system32\LegitCheck​Control.dll
 2010-05-24 22:30:35 ----A---- C:\WINDOWS\system32\WgaTray.ex​e
 2010-05-24 21:38:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
 2010-05-24 21:38:26 ----D---- C:\Program Files\Outlook Express
 2010-05-24 20:32:06 ----HD---- C:\WINDOWS\$hf_mig$
 2010-05-06 01:07:43 ----D---- C:\WINDOWS\system32\CatRoot
 2010-05-06 01:06:22 ----D---- C:\WINDOWS\Help
 2010-05-06 01:06:22 ----D---- C:\Program Files\NVIDIA Corporation
 2010-05-06 01:06:04 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R1 08260441;08260441; C:\WINDOWS\system32\DRIVERS\08​260441.sys [2009-09-25 128016]
 R1 68000101;68000101; C:\WINDOWS\system32\DRIVERS\68​000101.sys [2009-09-25 128016]
 R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\at​kkbnt.sys [2007-10-23 11136]
 R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\driver​s\EIO_XP.sys []
 R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\in​telppm.sys [2008-04-14 40576]
 R1 kl1;Kl1; \??\C:\WINDOWS\system32\driver​s\kl1.sys []
 R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\kl​if.sys [2010-03-07 315408]
 R1 SBRE;SBRE; \??\C:\WINDOWS\system32\driver​s\SBREdrv.sys []
 R1 setup_9.0.0.722_05.06.2010_15-​36drv;setup_9.0.0.722_05.06.20​10_15-36drv; C:\WINDOWS\system32\DRIVERS\6800010.sys [2009-10-09 315408]
 R3 APL531;Hercules Dualpix HD Webcam; C:\WINDOWS\System32\Drivers\HD​vidv.sys [2007-07-13 285952]
 R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\as​usgsb.sys [2007-10-23 12416]
 R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\WINDOWS\system32\DRIVERS\As​usVRC.sys [2007-01-29 18432]
 R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GE​ARAspiWDM.sys [2009-05-18 26600]
 R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HD​AudBus.sys [2005-01-07 138752]
 R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hi​dusb.sys [2008-04-13 10368]
 R3 hxctlflt;hxctlflt; C:\WINDOWS\system32\DRIVERS\hx​ctlflt.sys [2009-02-09 99968]
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\Rt​kHDAud.sys [2006-06-28 4304384]
 R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\kl​im5.sys [2009-09-14 32272]
 R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\kl​mouflt.sys [2009-10-02 19472]
 R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mo​uhid.sys [2002-09-07 12288]
 R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv​4_mini.sys [2010-04-03 10232128]
 R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rt​enicxp.sys [2005-11-16 78976]
 R3 TuneUpUtilitiesDrv;TuneUpUtili​tiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.s​ys []
 R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\us​baudio.sys [2008-04-13 60032]
 R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bccgp.sys [2008-04-13 32128]
 R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\us​behci.sys [2008-04-13 30208]
 R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\us​bhub.sys [2008-04-13 59520]
 R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​buhci.sys [2008-04-13 20608]
 R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Vi​deo3D32.sys [2007-10-23 10752]
 S1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Ui​m_IM.sys [2008-10-17 129888]
 S1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\Ui​mBus.sys [2008-10-17 32048]
 S3 a0gmwv1n;a0gmwv1n; C:\WINDOWS\system32\drivers\a0​gmwv1n.sys []
 S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\Br​ScnUsb.sys [2004-10-15 15295]
 S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CC​DECODE.sys [2008-04-13 17024]
 S3 MsibiosDevice;MsibiosDevice; \??\C:\Program Files\MSI\Live Update 4\LU4\msibios.sys []
 S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MS​TEE.sys [2008-04-13 5504]
 S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NA​BTSFEC.sys [2008-04-13 85248]
 S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\Nd​isIP.sys [2008-04-13 10880]
 S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SL​IP.sys [2008-04-13 11136]
 S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\St​arOpen.sys []
 S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\St​reamIP.sys [2008-04-13 15232]
 S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\us​bprint.sys [2008-04-13 25856]
 S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]
 S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\In​telIde.sys []

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-10-23 262144]
 R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
 R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-18 153376]
 R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.ex​e [2010-04-03 154216]
 R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.​exe [2010-05-07 1051976]
 S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\aspnet_state.e​xe [2008-07-25 34312]
 S3 clr_optimization_v2.0.50727_32​;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
 S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Frame​work\v3.0\WPF\PresentationFont​Cache.exe [2008-07-29 46104]
 S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1​1\Intel 32\IDriverT.exe [2005-04-04 69632]
 S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceServi​ce.exe [2010-03-19 144672]
 S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.ex​e [2010-02-12 345376]
 S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
 S4 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe​ [2010-03-26 545576]
 S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Frame​work\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
 S4 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.ex​e [2009-11-12 71096]
 S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-27 435016]
 S4 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.ex​e [2008-04-14 14336]

 -----------------EOF----------​-------
 info.txt logfile of random's system information tool 1.06 2010-06-05 18:30:19

 ======Uninstall list======

 -->MsiExec /X{DEA314C4-0929-4250-BC92-98E​4C105F28D}
 -->rundll32.exe setupapi.dll,InstallHinfSectio​n DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
 µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\​Macromed\Flash\uninstall_activ​eX.exe
 Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\M​acromed\Flash\uninstall_plugin​.exe
 Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93​000000001}
 Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-688​2140265FE}
 Apple Mobile Device Support-->MsiExec.exe /I{B5C3B892-0849-476C-9F46-B12​F84819D57}
 Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39E​F732F19B1}
 ASUS Gamer OSD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\11\00\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478​B-9B1D-5431D0E6CB11}\setup.exe​" -l0x40c  -removeonly
 ASUS VideoSecurity Online-->C:\PROGRA~1\FICHIE~1\​INSTAL~1\Driver\9\INTEL3~1\IDr​iver.exe /M{7A529246-912F-4C40-A82A-E608DB702FD7}
 Bonjour-->MsiExec.exe /X{76BC2442-0002-47FA-9617-43B​AD82BEF4C}
 Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​PROFES~1\RunTime\11\00\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D​7-BD57-5CA85E2F33E1}\Setup.exe​" -l0x40c Brunin03.dll -removeonly
 CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
 CDBurnerXP-->MsiExec.exe /X{5932A5C4-BB44-4CFB-AD66-1B8​26F4D788B}
 Correctif pour Windows XP (KB981793)-->"C:\WINDOWS\$NtUn​installKB981793$\spuninst\spun​inst.exe"
 Eraser 6.0.7.1893-->MsiExec.exe /I{38BA2875-D7AD-4611-ABA3-C38​5051ADF42}
 Hercules Dualpix HD-->C:\Program Files\InstallShield Installation Information\{59579B12-97E6-437​E-B988-BA032165D355}\setup.exe​ -runfromtemp -l0x040c -removeonly
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A​786E658} /qb+ REBOOTPROMPT=""
 Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
 Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C​063A63F31}
 iTunes-->MsiExec.exe /I{996A2FAA-7514-4628-9D12-A8F​C34A0016E}
 Java DB 10.5.3.0-->MsiExec.exe /X{00BA866C-F2A2-4BB9-A308-3DF​A695B6F7C}
 Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F8​3216020FF}
 Java(TM) SE Development Kit 6 Update 20-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B​0D0160200}
 Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F90​0D3B078EA}
 Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F90​0D3B078EA}
 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
 Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B​559F4E700}
 Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Micro​soft.NET\Framework\v1.1.4322\U​pdates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
 Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52E​AE172A1}
 Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F5​2EAE172A1}
 Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE​176866A7C}
 Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1​D67F2073F}
 Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2​E84599128}
 Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8D​CCDE8F8C7}
 Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65​FC413EA31}
 Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET​\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
 Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4​DCF5C5BD9}
 Microsoft Baseline Security Analyzer 2.1-->MsiExec.exe /I{55D1BF8E-EA8F-4969-82B9-B57​7010CFBCD}
 Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C​8A0C4D570}
 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C8​3EC895118}
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-181​8da5d550d}
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8up​dates\KB971961-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8up​dates\KB976325-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8up​dates\KB978207-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8up​dates\KB981332-IE8\spuninst\sp​uninst.exe"
 Mise à jour de sécurité pour Windows XP (KB978542)-->"C:\WINDOWS\$NtUn​installKB978542$\spuninst\spun​inst.exe"
 Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8up​dates\KB976662-IE8\spuninst\sp​uninst.exe"
 Mise à jour pour Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8up​dates\KB978506-IE8\spuninst\sp​uninst.exe"
 Mise à jour pour Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8up​dates\KB980182-IE8\spuninst\sp​uninst.exe"
 Mise à jour pour Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8up​dates\KB980302-IE8\spuninst\sp​uninst.exe"
 Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET​\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
 Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
 MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5​E3257BD94}
 MyDefrag v4.2.9-->"C:\Program Files\MyDefrag v4.2.9\unins000.exe"
 NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst​.exe DisplayControlPanel
 NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst​.exe UninstallGUI
 NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.e​xe -uninstall
 NVIDIA PhysX-->MsiExec.exe /X{DEA314C4-0929-4250-BC92-98E​4C105F28D}
 OpenOffice.org 3.2-->MsiExec.exe /I{4EE2EF4B-25D3-4D44-8384-A2B​96F811F55}
 Paragon Drive Backup™ 9 Professional-->MsiExec.exe /I{485DF5E7-8379-4BFA-BAE1-9B8​DBFE0D6B4}
 Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
 REALTEK PCIE NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{17E2F183-BAC4-4D0​1-BD7A-59F781E17EFA}\Setup.exe​" -l0x40c REMOVE
 Recuva-->"C:\Program Files\Recuva\uninst.exe"
 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F​8D1E69FB7}
 Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
 TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
 Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system​32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DC​F5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275​C4F3607} /qb+ REBOOTPROMPT=""
 Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5​D14231E27}
 Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\sys​tem32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D1​4231E27} /qb+ REBOOTPROMPT=""
 VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.e​xe
 Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\s​puninst.exe"
 Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD​3A3F9DF41}
 Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04​F21F23956}
 Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8​525FFA3B1}

 ======Hosts File======

 127.0.0.1 www.007guard.com
 127.0.0.1 007guard.com
 127.0.0.1 008i.com
 127.0.0.1 www.008k.com
 127.0.0.1 008k.com
 127.0.0.1 www.00hq.com
 127.0.0.1 00hq.com
 127.0.0.1 010402.com
 127.0.0.1 www.032439.com
 127.0.0.1 032439.com

 ======Security center information======

 AV: Kaspersky Internet Security
 FW: Kaspersky Internet Security

 ======System event log======

 Computer Name: SHREDDER
 Event Code: 7036
 Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.

 Record Number: 6166
 Source Name: Service Control Manager
 Time Written: 20100528005224.000000+120
 Event Type: Informations
 User:

 Computer Name: SHREDDER
 Event Code: 7036
 Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution.

 Record Number: 6165
 Source Name: Service Control Manager
 Time Written: 20100528005223.000000+120
 Event Type: Informations
 User:

 Computer Name: SHREDDER
 Event Code: 7035
 Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

 Record Number: 6164
 Source Name: Service Control Manager
 Time Written: 20100528005222.000000+120
 Event Type: Informations
 User: AUTORITE NT\SYSTEM

 Computer Name: SHREDDER
 Event Code: 7036
 Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.

 Record Number: 6163
 Source Name: Service Control Manager
 Time Written: 20100528005217.000000+120
 Event Type: Informations
 User:

 Computer Name: SHREDDER
 Event Code: 7035
 Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

 Record Number: 6162
 Source Name: Service Control Manager
 Time Written: 20100528005217.000000+120
 Event Type: Informations
 User: AUTORITE NT\SYSTEM

 =====Application event log=====

 Computer Name: SHREDDER
 Event Code: 11707
 Message: Produit : Adobe Reader 9.3 - Français -- Installation terminée.

 Record Number: 138
 Source Name: MsiInstaller
 Time Written: 20100311172845.000000+060
 Event Type: Informations
 User: SHREDDER\titi

 Computer Name: SHREDDER
 Event Code: 1800
 Message: Le service Centre de sécurité Windows a démarré.

 Record Number: 137
 Source Name: SecurityCenter
 Time Written: 20100311161401.000000+060
 Event Type: Informations
 User:

 Computer Name: SHREDDER
 Event Code: 1800
 Message: Le service Centre de sécurité Windows a démarré.

 Record Number: 136
 Source Name: SecurityCenter
 Time Written: 20100311155450.000000+060
 Event Type: Informations
 User:

 Computer Name: SHREDDER
 Event Code: 1800
 Message: Le service Centre de sécurité Windows a démarré.

 Record Number: 135
 Source Name: SecurityCenter
 Time Written: 20100311140504.000000+060
 Event Type: Informations
 User:

 Computer Name: SHREDDER
 Event Code: 1002
 Message: L'environnement s'est arrêté de façon inattendue et Explorer.exe a redémarré.

 Record Number: 134
 Source Name: Winlogon
 Time Written: 20100310205058.000000+060
 Event Type: Informations
 User:

 ======Environment variables======

 "ComSpec"=%SystemRoot%\system3​2\cmd.exe
 "Path"=c:\Program Files\NVIDIA Corporation\PhysX\Common;%Syst​emRoot%\system32;%SystemRoot%;​%SystemRoot%\System32\Wbem;C:\​WINDOWS\system32\WindowsPowerS​hell\v1.0
 "windir"=%SystemRoot%
 "FP_NO_HOST_CHECK"=NO
 "OS"=Windows_NT
 "PROCESSOR_ARCHITECTURE"=x86
 "PROCESSOR_LEVEL"=6
 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
 "PROCESSOR_REVISION"=0f06
 "NUMBER_OF_PROCESSORS"=2
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;​.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.​PSC1
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP
 "asl.log"=Destination=file;OnF​irstLog=command,environment

 -----------------EOF----------​-------
 merci

n°507856
Profil supprimé
Posté le 05-06-2010 à 20:04:24  answer
Prévenir les modérateurs en cas d'abus
 

Fait moi un log Hijackthis que je vérifie quelque chose:

 Télécharger combofix ici http://download.bleepingcomput [...] mboFix.exe et Choisir "Enregistrer la cible sous" et modifier le nom du fichier pour votre nick ou autre.
 (Windows 2K/XP/Vista 32 bits)

 Désactiver votre antivirus et Windows Defender avant d'exécuter le logiciel en cliquant dessus.

 Ensuite attendre que le log soit fini. Ne rien toucher avant la fin.

 La barre démarrer peut disparaître et c'est normal.

 Le rapport est dans "Bloc note" et vous pouvez le sauvegarder.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

n°507857
teter95
Posté le 06-06-2010 à 01:25:27  answer
Prévenir les modérateurs en cas d'abus
 

salut,
 j'ai juste le temps de faire scan hijackthis
 Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 23:37:25, on 05/06/2010
 Platform: Windows XP SP3 (WinNT 5.01.2600)
 MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 Boot mode: Normal

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.e​xe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\nvsvc32.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\WINDOWS\ATKKBService.exe
 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
 C:\Program Files\Java\jre6\bin\jqs.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.​exe
 C:\WINDOWS\system32\wbem\wmiap​srv.exe
 C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
 C:\WINDOWS\Explorer.EXE
 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
 C:\WINDOWS\RTHDCPL.EXE
 C:\Documents and Settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe
 C:\WINDOWS\system32\ctfmon.exe​
 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 C:\Documents and Settings\titi\Local Settings\Application Data\Google\Update\1.2.183.23\​GoogleCrashHandler.exe
 C:\Program Files\Trend Micro\HijackThis\HijackThis.ex​e

 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = about:blank
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = about:blank
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderName = Liens
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7​942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9C​CA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll​
 O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F7​6A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
 O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE​594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs​\ie\jqs_plugin.dll
 O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
 O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
 O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe" /c
 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe​
 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'SERVICE RÉSEAU')
 O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'SYSTEM')
 O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE​ (User 'Default user')
 O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
 O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F0​8212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
 O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909​053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB​36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.​dll
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA​91D2FC3} (MUWebControl Class) - http://www.update.microsoft.co [...] 7976364843
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} - http://platformdl.adobe.com/NO [...] 1.6/gp.cab
 O17 - HKLM\System\CCS\Services\Tcpip​\..\{956113AD-93B1-430B-86F6-1​828EC845D6A}: NameServer = 212.27.40.240,212.27.40.241
 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\​mzvkbd3.dll,C:\PROGRA~1\KASPER​~1\KASPER~1\kloehk.dll
 O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
 O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1​1\Intel 32\IDriverT.exe
 O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.ex​e
 O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.​exe

 --
 End of file - 6413 bytes
 ces quoi ces lignes:
 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba3​8496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe.
 tu as voulu me dire quoi
 le nom du fichier pour votre nick ou autre.
 Désactiver votre antivirus et Windows Defender je n'ai pas windows defender tu veux parler spybot.
 merci

n°507858
Profil supprimé
Posté le 06-06-2010 à 04:53:04  answer
Prévenir les modérateurs en cas d'abus
 

Je ne peux vraiment dire à quoi il sert mais je sais que c'est légtime et que c'est "Network Diagnostic pour Windows XP".

 Pour combofix si vous ne l'avez pas Defender ne tenez pas compte de l'instruction. Pour spybot, vérifier que le Teatimer n'est pas actif.

 Ensuite me copier/coller le log.

n°507859
teter95
Posté le 06-06-2010 à 15:01:45  answer
Prévenir les modérateurs en cas d'abus
 

bonjour,
 et merci de prendre un peu de temps pour le coup de main.

 ComboFix 10-06-05.02 - titi 06/06/2010  14:46:55.2.2 - x86
 Microsoft Windows XP Professionnel  5.1.2600.3.1252.33.1036.18.307​1.2662 [GMT 2:00]
 Lancé depuis: c:\documents and settings\titi\Bureau\ComboFix.​exe
 AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E2524​35469C0}
 FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E2524​35469C0}
 .

 (((((((((((((((((((((((((((((   Fichiers créés du 2010-05-06 au 2010-06-06  ))))))))))))))))))))))))))))))​))))))
 .

 2010-06-06 12:26 . 2010-06-06 12:30 -------- d-----w- C:\REG.SAV.ERUNT
 2010-06-05 21:12 . 2010-06-05 21:12 812344 ----a-w- C:\HJTInstall.exe
 2010-06-05 15:59 . 2010-06-05 15:59 1128323 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\HDTach-3-0​-4-0.exe
 2010-06-05 15:49 . 2010-06-05 15:49 690519 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\click_clea​n_setup.exe
 2010-06-05 13:19 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\68​000102.sys
 2010-06-05 13:19 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\68​00010.sys
 2010-06-05 13:19 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\68​000101.sys
 2010-06-05 13:17 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\08​260442.sys
 2010-06-05 13:17 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\08​26044.sys
 2010-06-05 13:17 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\08​260441.sys
 2010-06-05 13:05 . 2010-06-05 13:11 73317544 ----a-w- C:\setup_9.0.0.722_05.06.2010_​15-36.exe
 2010-06-05 12:41 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mb​amswissarmy.sys
 2010-06-05 12:41 . 2010-06-05 12:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
 2010-06-05 12:41 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mb​am.sys
 2010-06-04 20:39 . 2010-06-04 20:39 -------- d-----w- c:\documents and settings\titi\Local Settings\Application Data\Identities
 2010-06-04 08:22 . 2010-06-04 08:29 -------- d-----w- c:\documents and settings\titi\SecurityScans
 2010-06-04 08:22 . 2010-06-04 08:22 -------- d-----w- c:\program files\Microsoft Baseline Security Analyzer 2
 2010-06-04 08:02 . 2010-06-04 08:10 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\NPE
 2010-06-03 20:37 . 2010-06-03 16:07 5502832 ----a-w- C:\NPE.exe
 2010-06-03 16:11 . 2010-06-03 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
 2010-06-03 16:10 . 2010-06-03 16:17 -------- d-----w- c:\documents and settings\titi\Local Settings\Application Data\NPE
 2010-06-03 05:23 . 2010-06-03 05:23 -------- d-----w- C:\sp3
 2010-06-03 05:23 . 2010-06-03 05:23 -------- d-----w- C:\Nouveau dossier
 2010-06-03 05:23 . 2010-06-03 05:30 -------- d-----w- C:\xpsp3
 2010-06-02 23:02 . 2009-10-26 13:45 200312 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstall​er.exe
 2010-06-02 21:40 . 2010-06-02 21:46 95072928 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\pure9.0.0.​192fr.exe
 2010-06-02 13:32 . 2010-06-02 13:32 77312 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\mbr.exe
 2010-06-02 12:49 . 2010-06-05 21:34 -------- d-----w- c:\program files\trend micro
 2010-06-02 12:49 . 2010-06-05 16:30 -------- d-----w- C:\rsit
 2010-06-02 12:43 . 2010-06-02 12:43 824681 ----a-w- C:\RSIT.exe
 2010-06-01 21:42 . 2003-05-25 01:11 94720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Activation​ Crack Windows XP\AntiWPA\amd64\AntiWPA.Dll
 2010-06-01 21:42 . 2003-05-25 01:11 60416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Activation​ Crack Windows XP\AntiWPA\x86\AntiWPA.Dll
 2010-06-01 15:25 . 2010-06-01 22:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
 2010-06-01 14:29 . 2010-06-01 14:29 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Identities
 2010-06-01 12:30 . 2010-06-01 12:30 6153352 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\mbam-setup​-1.46.exe
 2010-06-01 11:49 . 2010-06-01 11:49 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
 2010-05-31 22:31 . 2010-05-31 22:31 -------- d-sh--w- c:\documents and settings\Administrateur\Privac​IE
 2010-05-31 21:24 . 2010-06-06 12:37 -------- d-----w- c:\program files\RegCleaner
 2010-05-31 21:22 . 2010-05-31 21:22 2277896 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\advisor.ex​e
 2010-05-31 21:21 . 2010-05-31 21:21 453000 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\speedyfox.​exe
 2010-05-31 21:20 . 2010-05-31 21:20 336752 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\BootVis-To​ol.exe
 2010-05-31 21:18 . 2010-05-31 21:18 553687 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\RegCleaner​.exe
 2010-05-31 20:06 . 2010-05-31 20:06 23456 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\WINDOWS\system32\dr​ivers\DrvAgent32.sys
 2010-05-31 20:06 . 2010-05-31 20:06 23456 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Local Settings\Temp\DriverAgent\DrvA​gent32.sys
 2010-05-31 05:36 . 2010-05-31 05:36 904048 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\fsbl.exe
 2010-05-30 20:14 . 2010-05-31 15:45 19495216 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\ASSASSINS CREED 2\Patch\assassins_creed_2_1.01​_us.exe
 2010-05-30 20:14 . 2010-05-30 20:17 41984 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\ASSASSINS CREED 2\Crack\SKIDROW.exe
 2010-05-30 11:50 . 2010-05-30 20:05 619144 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\[PC GAME] Assassins Creed (Full) + CRACK\Assassins Creed Crack\AssassinsCreed_Launcher.​exe
 2010-05-30 11:50 . 2010-05-30 11:51 193024 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\[PC GAME] Assassins Creed (Full) + CRACK\Assassins Creed Crack\binkw32.dll
 2010-05-30 11:50 . 2010-05-30 11:51 192512 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\[PC GAME] Assassins Creed (Full) + CRACK\Assassins Creed Crack\eax.dll
 2010-05-30 11:48 . 2010-05-30 20:08 4750184 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\[PC GAME] Assassins Creed (Full) + CRACK\AssassinsCreed.exe
 2010-05-30 11:48 . 2010-05-30 21:17 24662016 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\[PC GAME] Assassins Creed (Full) + CRACK\Assassins Creed Crack\AssassinsCreed_Dx9.exe
 2010-05-30 11:47 . 2010-05-30 21:12 24182784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\[PC GAME] Assassins Creed (Full) + CRACK\Assassins Creed Crack\AssassinsCreed_Dx10.exe
 2010-05-30 11:20 . 2010-05-30 11:21 191488 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Alpha.Prot​ocol.Crackfix-SKIDROW\skidrow.​DLL
 2010-05-30 11:20 . 2010-05-30 11:22 22499328 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Alpha.Prot​ocol.Crackfix-SKIDROW\APGame.e​xe
 2010-05-30 02:16 . 2010-05-30 02:16 -------- d-----w- c:\program files\uTorrent
 2010-05-30 01:58 . 2010-05-30 01:58 322352 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\utorrent.e​xe
 2010-05-30 00:08 . 2010-05-30 00:08 1339288 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\sar_15_sfx​.exe
 2010-05-29 21:08 . 2010-05-29 21:08 -------- d-----w- c:\program files\Recuva
 2010-05-29 14:27 . 2010-05-29 14:27 -------- d-----w- C:\MFT 28
 2010-05-29 14:26 . 2010-05-29 14:26 -------- d-----w- C:\MFT 3418
 2010-05-29 13:45 . 2010-05-29 13:45 -------- d-----w- c:\windows\system32\wbem\Repos​itory
 2010-05-29 13:43 . 2010-05-29 14:17 -------- d-----w- c:\program files\CCleaner
 2010-05-28 21:25 . 2010-05-28 21:25 631458 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Assassins Creed 2 [Multi9] [PCDVD9][WITH CRACK] [www.soloestreno.com]\Crack\AssassinsCreedII.exe
 2010-05-28 21:21 . 2010-05-28 21:21 2269232 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Prototype Razor 1911 Crack\prototypef.exe
 2010-05-28 20:32 . 2010-05-28 22:17 34681507 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Assassins Creed 2 [Multi9] [PCDVD9][WITH CRACK] [www.soloestreno.com]\Crack\AssassinsCreedIIGame.ex​e
 2010-05-28 20:22 . 2010-05-28 20:28 738616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Assassin's​ Creed II Crack Only 100%\Crack\Crack\Map 3\ubiorbitapi_r2.dll
 2010-05-28 20:22 . 2010-05-28 20:28 607544 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Assassin's​ Creed II Crack Only 100%\Crack\Crack\Map 3\UbisoftGameLauncher.exe
 2010-05-28 20:22 . 2010-05-28 20:28 3629776 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Assassin's​ Creed II Crack Only 100%\Crack\Crack\Map 1\InstallAC2Crack.exe
 2010-05-27 22:36 . 2010-05-28 11:02 2269232 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Prototype-​Razor1911 FULL PC ISO MAXSPEED\Crack\prototypef.exe
 2010-05-27 21:38 . 2010-05-27 21:43 19495216 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\assassins_​creed_2_1.01_us.exe
 2010-05-27 02:46 . 2010-05-27 02:47 6663680 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\RemoveWAT v2.2.5.2 By ChattChitto\RemoveWAT v2.2.5.2.exe
 2010-05-26 22:49 . 2010-05-07 16:01 30024 ----a-w- c:\windows\system32\uxtuneup.d​ll
 2010-05-26 22:19 . 2010-05-07 16:07 30536 ----a-w- c:\windows\system32\TURegOpt.e​xe
 2010-05-26 22:18 . 2010-05-26 22:18 -------- d-----w- c:\documents and settings\titi\Application Data\TuneUp Software
 2010-05-26 22:18 . 2010-05-26 22:49 -------- d-----w- c:\program files\TuneUp Utilities 2010
 2010-05-26 22:17 . 2010-05-26 22:18 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
 2010-05-26 22:05 . 2010-05-26 22:05 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-​0E7C3C0185CC}
 2010-05-09 23:12 . 2010-05-09 23:12 2400385 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\siw-setup.​exe
 2010-05-09 22:53 . 2010-05-09 22:53 6263584 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\gupsetup.e​xe
 2010-05-08 23:32 . 2010-05-08 23:33 2997760 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\RemoveWAT2​2.exe
 2010-05-08 20:39 . 2010-05-08 20:39 -------- d-----w- c:\documents and settings\titi\Application Data\Media Player Classic
 2010-05-08 20:36 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
 2010-05-08 14:06 . 2010-05-08 14:06 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Eraser 6
 2010-05-08 12:10 . 2010-05-08 12:10 19080 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
 2010-05-08 09:28 . 2010-05-08 09:28 -------- d--h--w- c:\windows\PIF
 2010-05-07 23:03 . 2010-05-07 23:03 -------- d-----w- c:\documents and settings\titi\Local Settings\Application Data\Eraser 6
 2010-05-07 22:45 . 2010-05-07 22:45 791393 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\erunt-setu​p.exe
 2010-05-07 21:48 . 2010-05-07 21:48 -------- d-----w- c:\program files\Eraser

 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2010-06-06 12:45 . 2010-03-07 15:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
 2010-06-06 12:39 . 2010-03-08 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
 2010-06-04 08:53 . 2002-09-07 00:00 84766 ----a-w- c:\windows\system32\perfc00C.d​at
 2010-06-04 08:53 . 2002-09-07 00:00 510742 ----a-w- c:\windows\system32\perfh00C.d​at
 2010-06-02 20:55 . 2010-04-28 23:58 -------- d-----w- c:\program files\MyDefrag v4.2.9
 2010-06-01 21:36 . 2010-03-09 18:43 -------- d-----w- c:\documents and settings\titi\Application Data\uTorrent
 2010-06-01 14:43 . 2010-03-21 19:11 -------- d-----w- c:\documents and settings\Administrateur\Applic​ation Data\Malwarebytes
 2010-06-01 14:43 . 2010-03-11 16:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
 2010-05-28 11:49 . 2010-03-30 16:11 1 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\OpenOffice.org 3\share\uno_packages\cache\sta​mp.sys
 2010-05-28 11:49 . 2010-03-30 16:11 1 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Application Data\OpenOffice.org\3\user\uno​_packages\cache\stamp.sys
 2010-05-27 14:40 . 2010-05-07 12:07 1351975692 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Adobe Photoshop CS5 Extended Edition.exe
 2010-05-26 23:17 . 2010-03-11 20:46 -------- d-----w- c:\documents and settings\titi\Application Data\vlc
 2010-05-08 20:39 . 2010-03-07 14:47 196608 ----a-w- c:\windows\system32\drivers\nS​tandard.bin
 2010-05-06 22:56 . 2010-05-06 22:56 2867600 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\cisfree_in​staller.exe
 2010-05-06 22:02 . 2010-05-06 22:02 562840 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\ChromeSetu​p.exe
 2010-05-06 21:50 . 2010-05-06 21:49 9088880 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Downloads\Thunderbir​d Setup 3.0.4.exe
 2010-05-06 16:39 . 2010-05-06 16:37 99013662 ----a-w- c:\documents and settings\titi\savebutt.reg
 2010-05-06 11:46 . 2010-05-05 02:16 95024 ----a-w- c:\windows\system32\drivers\SB​REDrv.sys
 2010-05-05 23:06 . 2010-05-05 15:33 -------- d-----w- c:\program files\NVIDIA Corporation
 2010-05-05 23:06 . 2010-05-05 15:33 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
 2010-05-05 11:13 . 2010-03-07 15:17 97549 ----a-w- c:\windows\system32\drivers\kl​ick.dat
 2010-05-05 11:13 . 2010-03-07 15:17 113933 ----a-w- c:\windows\system32\drivers\kl​in.dat
 2010-05-05 02:41 . 2009-03-24 11:02 281088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Secunia\PSI\psires.dll
 2010-05-05 02:38 . 2010-05-05 02:38 137947 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Secunia\PSI\Uninstall.exe
 2010-05-05 02:34 . 2010-05-05 02:34 85173 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB4\Device\Hardd​iskVolume1\WINDOWS\system32\Ma​cromed\Flash\uninstall_plugin.​exe
 2010-05-05 02:34 . 2010-05-05 02:34 1924992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB4\Device\Hardd​iskVolume1\Documents and Settings\titi\Local Settings\Temp\FP_PL_PFS_INSTAL​LER.exe
 2010-05-05 02:00 . 2010-03-07 14:04 -------- d--h--w- c:\program files\InstallShield Installation Information
 2010-05-05 02:00 . 2010-03-07 14:47 -------- d-----w- c:\program files\ASUS
 2010-05-05 00:51 . 2010-05-05 00:51 765952 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Téléchargements\xvid​core.dll
 2010-05-05 00:40 . 2010-05-05 00:39 5590635 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Téléchargements\K-Li​te_Codec_Pack_590_Basic.exe
 2010-05-05 00:32 . 2010-05-05 00:32 4072568 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Téléchargements\regi​strybooster.exe
 2010-05-05 00:03 . 2010-05-04 23:57 25214 ----a-r- c:\documents and settings\titi\Application Data\Microsoft\Installer\{485D​F5E7-8379-4BFA-BAE1-9B8DBFE0D6​B4}\RunProductNameDskt_985F828​E0E98429F9C05EF3BDE7568F7.exe
 2010-05-05 00:03 . 2010-05-04 23:57 25214 ----a-r- c:\documents and settings\titi\Application Data\Microsoft\Installer\{485D​F5E7-8379-4BFA-BAE1-9B8DBFE0D6​B4}\RunProductName_985F828E0E9​8429F9C05EF3BDE7568F7.exe
 2010-05-05 00:03 . 2010-05-04 23:57 10134 ----a-r- c:\documents and settings\titi\Application Data\Microsoft\Installer\{485D​F5E7-8379-4BFA-BAE1-9B8DBFE0D6​B4}\ARPPRODUCTICON.exe
 2010-05-04 23:47 . 2010-05-04 23:47 -------- d-----w- c:\program files\Paragon Software
 2010-05-04 22:44 . 2010-04-13 23:29 -------- d-----w- c:\program files\Google
 2010-05-04 21:31 . 2010-03-26 11:04 222584 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Local Settings\Temp\{AC76BA86-7AD7-1​036-7B44-A93000000001}\FixTran​sforms.exe
 2010-04-27 04:06 . 2010-04-27 04:05 -------- d-----w- c:\documents and settings\titi\Application Data\Apple Computer
 2010-04-27 04:04 . 2010-04-27 04:04 -------- d-----w- c:\program files\iTunes
 2010-04-27 04:04 . 2010-04-27 04:04 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-​1DB246563521}
 2010-04-27 04:04 . 2010-04-27 04:04 -------- d-----w- c:\program files\iPod
 2010-04-27 04:04 . 2010-04-27 04:02 -------- d-----w- c:\program files\Fichiers communs\Apple
 2010-04-27 04:04 . 2010-04-27 04:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
 2010-04-27 04:02 . 2010-04-27 04:02 -------- d-----w- c:\program files\Apple Software Update
 2010-04-27 04:02 . 2010-04-27 04:02 -------- d-----w- c:\program files\Bonjour
 2010-04-27 04:02 . 2010-04-27 04:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
 2010-04-26 00:42 . 2010-04-26 00:42 1189376 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Téléchargements\Inst​allation_LooknStop_207_VC2005.​exe
 2010-04-25 23:51 . 2010-04-25 23:51 57674656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Norman_Ad-AwareInsta​ller.exe
 2010-04-25 23:21 . 2010-04-25 23:21 25587 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Local Settings\Temporary Internet Files\Content.IE5\UPM9QXGZ\www​.norman[1].com
 2010-04-25 22:44 . 2010-04-25 22:44 54920 ----a-w- c:\windows\system32\drivers\px​rts.sys
 2010-04-25 22:44 . 2010-04-25 22:44 30320 ----a-w- c:\windows\system32\drivers\px​scan.sys
 2010-04-25 22:44 . 2010-04-25 22:44 24400 ----a-w- c:\windows\system32\drivers\px​kbf.sys
 2010-04-19 10:38 . 2010-03-07 13:55 19080 ----a-w- c:\documents and settings\titi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
 2010-04-19 10:38 . 2010-04-19 10:38 -------- d-----w- c:\program files\Microsoft
 2010-04-19 10:38 . 2010-04-19 10:37 -------- d-----w- c:\program files\Windows Live
 2010-04-19 10:32 . 2010-04-19 10:32 -------- d-----w- c:\program files\Fichiers communs\Windows Live
 2010-04-18 21:30 . 2010-04-18 21:30 -------- d-----w- c:\program files\Fichiers communs\Java
 2010-04-18 21:28 . 2010-04-18 21:28 -------- d-----w- c:\program files\Sun
 2010-04-18 21:27 . 2010-04-18 21:27 411368 ----a-w- c:\windows\system32\deployJava​1.dll
 2010-04-18 21:27 . 2010-03-18 14:40 -------- d-----w- c:\program files\Java
 2010-04-16 10:28 . 2010-04-16 10:07 -------- d-----w- c:\documents and settings\titi\Application Data\dvdcss
 2010-04-15 21:36 . 2010-04-15 21:36 287056 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Documents and Settings\titi\Mes documents\Téléchargements\vkey​inst.exe
 2010-04-15 13:26 . 2010-04-15 13:26 -------- d-----w- c:\documents and settings\titi\Application Data\Canneverbe Limited
 2010-04-15 13:20 . 2010-04-15 13:10 -------- d-----w- c:\documents and settings\titi\Application Data\DAEMON Tools Lite
 2010-04-15 13:11 . 2010-04-15 13:11 691696 ----a-w- c:\windows\system32\drivers\sp​td.sys
 2010-04-15 13:10 . 2010-04-15 13:10 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
 2010-04-15 13:00 . 2010-04-15 13:00 -------- d-----w- c:\program files\7-Zip
 2010-04-11 11:11 . 2010-04-11 11:11 -------- d-----w- c:\program files\MSI
 2010-04-04 05:57 . 2010-04-04 05:57 349616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
 2010-04-04 05:42 . 2010-04-04 05:42 36272 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
 2010-04-04 05:13 . 2010-04-04 05:13 2433024 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\CoolType.dll
 2010-04-04 04:03 . 2010-04-04 04:03 99776 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\Eula.exe
 2010-04-04 04:03 . 2010-04-04 04:03 20452792 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.dll
 2010-04-04 03:59 . 2010-04-04 03:59 783872 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\ACE.dll
 2010-04-04 03:57 . 2010-04-04 03:57 27048 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AcroTextExtractor.e​xe
 2010-04-04 03:41 . 2010-04-04 03:41 5713920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AGM.dll
 2010-04-04 01:13 . 2010-04-04 01:13 542168 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe​
 2010-04-04 01:13 . 2010-04-04 01:13 116168 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\PDFPrevHndlrShim.ex​e
 2010-04-04 01:13 . 2010-04-04 01:13 16832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
 2010-04-04 01:13 . 2010-04-04 01:13 79280 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\PDFPrevHndlr.dll
 2010-04-04 00:49 . 2010-04-04 00:49 280024 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AcroBroker.exe
 2010-04-04 00:14 . 2010-04-04 00:14 251296 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\A3DUtility.exe
 2010-04-04 00:03 . 2010-04-04 00:03 120240 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AcroRdIF.dll
 2010-04-03 23:48 . 2010-04-03 23:48 15800 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
 2010-04-03 23:45 . 2010-04-03 23:45 378264 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​pdfshell.dll
 2010-04-03 23:43 . 2010-04-03 23:43 103864 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Mozilla Firefox\plugins\nppdf32.dll
 2010-04-03 23:43 . 2010-04-03 23:43 103864 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
 2010-04-03 23:43 . 2010-04-03 23:43 103864 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll​
 2010-04-03 23:43 . 2010-04-03 23:43 103864 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
 2010-04-03 23:38 . 2010-04-03 23:38 2405784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Adobe\Reader 9.0\Reader\rt3d.dll
 2010-04-03 23:36 . 2010-04-03 23:36 61888 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelper.dll
 2010-04-03 23:36 . 2010-04-03 23:36 75200 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroIEHelperShim.dll
 2010-04-03 23:22 . 2010-04-03 23:22 660912 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Hardd​iskVolume1\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\​AcroPDF.dll
 2010-04-03 22:55 . 2010-05-05 15:32 1097728 ----a-w- c:\windows\system32\nvapi.dll
 2010-04-03 20:55 . 2010-04-03 20:55 61440 ----a-w- c:\windows\system32\OpenCL.dll​
 2010-04-03 20:55 . 2010-04-03 20:55 2646632 ----a-w- c:\windows\system32\nvcuvenc.d​ll
 2010-04-03 20:55 . 2010-04-03 20:55 2183470 ----a-w- c:\windows\system32\nvdata.bin​
 2010-04-03 20:55 . 2010-04-03 20:55 2030184 ----a-w- c:\windows\system32\nvcuvid.dl​l
 2010-04-03 20:55 . 2010-04-03 20:55 11647592 ----a-w- c:\windows\system32\nvcompiler​.dll
 2010-04-03 20:55 . 2007-12-24 13:20 14757888 ----a-w- c:\windows\system32\nvoglnt.dl​l
 .

 (((((((((((((((((((((((((((((   SnapShot@2010-06-05_22.49.01   ))))))))))))))))))))))))))))))​)))))))))))
 .
 + 2010-06-06 12:42 . 2010-06-06 12:42 16384              c:\windows\Temp\Perflib_Perfda​ta_344.dat
 + 2001-07-14 15:32 . 2001-07-14 15:32 69632              c:\windows\setupupd\temp\wsdue​ng.dll
 .
 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "Google Update"="c:\documents and settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe" [2010-05-07 136176]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456]
 "NvCplDaemon"="c:\windows\syst​em32\NvCpl.dll" [2010-04-03 13670504]
 "SunJavaUpdateSched"="c:\progr​am files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
 "RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]

 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
 "CTFMON.EXE"="c:\windows\syste​m32\CTFMON.EXE" [2008-04-14 15360]

 [HKLM\~\startupfolder\C:^Documents and Settings^titi^Menu Démarrer^Programmes^Démarrage^Spamihilator.lnk]

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adob​e ARM]
 2010-03-24 18:17 952768 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM​.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adob​e Reader Speed Launcher]
 2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
 2007-10-23 16:48 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.e​xe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamserviceHD]
 2009-10-19 16:30 2913576 ----a-w- c:\program files\Hercules\Dualpix HD\XtrCtrl.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
 2010-04-10 06:45 979344 ----a-w- c:\progra~1\Eraser\Eraser.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
 2010-03-25 23:10 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
 2005-01-26 17:02 49152 ----a-w- c:\program files\Brother\Brmfl06a\BrStDvP​t.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
 2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
 "UxTuneUp"=2 (0x2)
 "TuneUp.Defrag"=3 (0x3)
 "iPod Service"=3 (0x3)
 "Bonjour Service"=2 (0x2)
 "Apple Mobile Device"=2 (0x2)
 "NMSAccessU"=2 (0x2)

 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
 "CTFMON.EXE"=c:\windows\system​32\ctfmon.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
 "RTHDCPL"=RTHDCPL.EXE
 "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,​NvStartup
 "Alcmtr"=ALCMTR.EXE
 "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 "SunJavaUpdateSched"="c:\progr​am files\Fichiers communs\Java\Java Update\jusched.exe"
 "NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.d​ll,NvTaskbarInit
 "MSConfig"=c:\windows\PCHealth​\HelpCtr\Binaries\MSConfig.exe​ /auto
 "ControlCenter3"=c:\program files\Brother\ControlCenter3\b​rctrcen.exe /autorun
 "BrMfcWnd"=c:\program files\Brother\Brmfcmon\BrMfcWn​d.exe /AUTORUN

 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
 "DisableMonitoring"=dword:0000​0001

 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
 "%windir%\\system32\\sessmgr.e​xe"=
 "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
 "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​
 "c:\\Program Files\\Bonjour\\mDNSResponder.​exe"=
 "c:\\Program Files\\iTunes\\iTunes.exe"=
 "c:\\Program Files\\uTorrent\\uTorrent.exe"​=

 R0 08260442;08260442 Boot Guard Driver;c:\windows\system32\dri​vers\08260442.sys [05/06/2010 15:17 37392]
 R0 68000102;68000102 Boot Guard Driver;c:\windows\system32\dri​vers\68000102.sys [05/06/2010 15:19 37392]
 R0 hotcore3;Hotcore helper;c:\windows\system32\dri​vers\hotcore3.sys [05/05/2010 01:57 40496]
 R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\dri​vers\klbg.sys [14/10/2009 21:18 36880]
 R1 08260441;08260441;c:\windows\s​ystem32\drivers\08260441.sys [05/06/2010 15:17 128016]
 R1 68000101;68000101;c:\windows\s​ystem32\drivers\68000101.sys [05/06/2010 15:19 128016]
 R1 SBRE;SBRE;c:\windows\system32\​drivers\SBREDrv.sys [05/05/2010 04:16 95024]
 R1 setup_9.0.0.722_05.06.2010_15-​36drv;setup_9.0.0.722_05.06.20​10_15-36drv;c:\windows\system3​2\drivers\6800010.sys [05/06/2010 15:19 315408]
 R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.​exe [07/05/2010 18:05 1051976]
 R3 APL531;Hercules Dualpix HD Webcam;c:\windows\system32\dri​vers\HDvidv.sys [18/03/2010 15:03 285952]
 R3 hxctlflt;hxctlflt;c:\windows\s​ystem32\drivers\hxctlflt.sys [18/03/2010 15:03 99968]
 R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\dri​vers\klim5.sys [14/09/2009 14:42 32272]
 R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\d​rivers\klmouflt.sys [02/10/2009 19:39 19472]
 R3 TuneUpUtilitiesDrv;TuneUpUtili​tiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.s​ys [14/10/2009 07:24 10064]
 S0 jvpycio;jvpycio;c:\windows\sys​tem32\drivers\masyl.sys --> c:\windows\system32\drivers\ma​syl.sys [?]
 S0 sptd;sptd;c:\windows\system32\​drivers\sptd.sys [15/04/2010 15:11 691696]
 S3 MsibiosDevice;MsibiosDevice;c:​\program files\MSI\Live Update 4\LU4\msibios.sys [11/04/2010 13:11 18432]

 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
 UxTuneUp
 .
 Contenu du dossier 'Tâches planifiées'

 2010-04-27 c:\windows\Tasks\AppleSoftware​Update.job
 - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

 2010-06-01 c:\windows\Tasks\GoogleUpdateT​askUserS-1-5-21-2000478354-129​2428093-839522115-1003Core.job​
 - c:\documents and settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe [2010-05-07 21:36]

 2010-06-04 c:\windows\Tasks\GoogleUpdateT​askUserS-1-5-21-2000478354-129​2428093-839522115-1003UA.job
 - c:\documents and settings\titi\Local Settings\Application Data\Google\Update\GoogleUpdat​e.exe [2010-05-07 21:36]

 2010-05-27 c:\windows\Tasks\MyDefrag v4.2.9 Daily.job
 - c:\program files\MyDefrag v4.2.9\Scripts\OptimizeDaily.M​yD [2010-04-28 20:12]

 2010-06-05 c:\windows\Tasks\User_Feed_Syn​chronization-{1C367D9E-5BD4-45​EF-AF6D-A83A3F79EA4E}.job
 - c:\windows\system32\msfeedssyn​c.exe [2009-03-08 03:31]
 .
 .
 ------- Examen supplémentaire -------
 .
 uStart Page = about:blank
 mStart Page = about:blank
 IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
 TCP: {956113AD-93B1-430B-86F6-1828E​C845D6A} = 212.27.40.240,212.27.40.241
 FF - ProfilePath - c:\documents and settings\titi\Application Data\Mozilla\Firefox\Profiles\​i7unr1zx.default\
 FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@​kaspersky.ru\components\KavLin​kFilter.dll
 FF - plugin: c:\documents and settings\titi\Local Settings\Application Data\Google\Update\1.2.183.23\​npGoogleOneClick8.dll
 FF - plugin: c:\program files\Java\jre6\bin\new_plugin​\npdeployJava1.dll
 FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.​dll
 FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825​760534b} - c:\windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\DotNetAssistantExte​nsion\

 ---- PARAMETRES FIREFOX ----
 FF - user.js: nglayout.initialpaint.delay - 600
 FF - user.js: content.notify.interval - 600000
 FF - user.js: content.max.tokenizing.time - 1800000
 FF - user.js: content.switch.threshold - 600000
 FF - user.js: network.http.max-persistent-co​nnections-per-server - 4
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-gener​ic-ntlm", false);
 c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.allow_unres​tricted_renego_everywhere__tem​porarily_available_pref", true);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.renego_unre​stricted_hosts", "" );
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.treat_unsaf​e_negotiation_as_broken", false);
 c:\program files\Mozilla Firefox\greprefs\security-pref​s.js - pref("security.ssl.require_saf​e_negotiation",  false);
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("extensions.{972ce4c6-7e0​8-4474-a285-3208198ce6fd}.name​", "chrome://browser/locale/browser.properties" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("extensions.{972ce4c6-7e0​8-4474-a285-3208198ce6fd}.desc​ription", "chrome://browser/locale/browser.properties" );
 c:\program files\Mozilla Firefox\defaults\pref\firefox.​js - pref("plugins.update.notifyUse​r", false);
 .
 - - - - ORPHELINS SUPPRIMES - - - -

 MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe



 ******************************​******************************​**************

 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2010-06-06 14:52
 Windows 5.1.2600 Service Pack 3 NTFS

 Recherche de processus cachés ...

 Recherche d'éléments en démarrage automatique cachés ...

 Recherche de fichiers cachés ...

 Scan terminé avec succès
 Fichiers cachés: 0

 ******************************​******************************​**************
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------

 - - - - - - - > 'explorer.exe'(3348)
 c:\windows\system32\eappprxy.d​ll
 c:\windows\system32\webcheck.d​ll
 .
 Heure de fin: 2010-06-06  14:53:58
 ComboFix-quarantined-files.txt​  2010-06-06 12:53

 Avant-CF: 28 319 485 952 octets libres
 Après-CF: 28 280 905 728 octets libres

 - - End Of File - - 02BE372A0253F5EB0FC5C5BA48162F​2F

n°507860
Profil supprimé
Posté le 06-06-2010 à 20:05:06  answer
Prévenir les modérateurs en cas d'abus
 

Vous semblez avoir un antivius piraté. Il faut faire attention car cela vient souvent avec de gros virus ou Rootkit.

 Je doute sur plusieurs choses.

 Faire un scan ici: http://www.eset-nod32.fr/scanner.html

 Et me copier/coller le log qui est ici: C:\Program Files\EsetOnlineScanner\log.tx​t



n°507861
teter95
Posté le 06-06-2010 à 22:11:55  answer
Prévenir les modérateurs en cas d'abus
 

Bonsoir

 qu'est ce que je dois comprendre, qu'on m'a piraté mon antivirus ou que je l'ai craquer.
 J'ai acheter le kaspersky chez Surcouf pour le prix il y a 215jours exactement pour la modique somme de 79 euro pour 3 pc.Pouvez vous au moins me dire sur quoi vous voyez cela, car ne le prenez pas mal mais j'aime apprendre afin d'enrichir mes connaissance surtout en sécurité.A l'instant ou j'écris se message j'ai eu une attaque reseaux ainsi que le programme RSIT se lance tous seul signaler par kaspersky qui me donner le choix:
 1:OUI vous faites confiance a celui-là
 2:oui partiellement:bloque les éléments dangereux.
 3 non: bloque
 et moi j'ai choisi la solution 2 comme un idiot au lieux de l'interdire.

n°507862
Profil supprimé
Posté le 07-06-2010 à 05:55:05  answer
Prévenir les modérateurs en cas d'abus
 

Regarder en gras le pourquoi je dis cela ou votre Windows peut-être sinon va falloire supprimer ces lignes...

 2010-06-01 21:42 . 2003-05-25 01:11 94720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Harddisk​Volume1\Documents and Settings\titi\Mes documents\Downloads\Activation Crack Windows XP\AntiWPA\amd64\AntiWPA.Dll
 2010-06-01 21:42 . 2003-05-25 01:11 60416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\Sandbox\KLSB1\Device\Harddisk​Volume1\Documents and Settings\titi\Mes documents\Downloads\Activation Crack Windows XP\AntiWPA\x86\AntiWPA.Dll

 Me revenir avec le log de Nod32 en ligne.

n°507863
teter95
Posté le 10-06-2010 à 23:13:54  answer
Prévenir les modérateurs en cas d'abus
 

:hello: g225
 tout d'abord desoler mais j'ai taffer pas mal cette semaine cela fais pas longtemps que je suis rentrer.
 Pour l'instant j'ai fais un tours dans observateur d'evenement.

 config:
 windows xp pro sp3
 carte mere conroe945-gdvi
 dique dur barraccuda 320GO
 Impossible de lancer malwarebytes 1.46, en mode sans echec, sauf en mode normal.
 Proprietes de l'éevenement:
 SOURCE: MBAMService
 ID evenement:1
 la description pour l' id évènement(1) dans la source (MBAMService)est introuvable l'ordinateur local n'a peut être pas les information du registre ou les librairies requises pour les messages émanant d'un ordinateur distant. Vous pourrez peut être utiliser l'option /AUXSOURCE= pour recuperer cette description.reporter vous aux rubriques d'aides et support pour plus de détails.les information suivantes font parties de l'évenement: MBAMSERVICE
 administrateur error startservicectrldispatcher failed with error code 1083
 je fais le scan eset
 merci.

n°507864
Profil supprimé
Posté le 25-06-2010 à 19:48:09  answer
Prévenir les modérateurs en cas d'abus
 

Il faudrait demander sur le site de Malwarebytes' pourquoi vous avez l'erreur 1083. L'important c'est qu'il fonctionne en mode normal.

 En sans échec, prenez-vous la même session ?

n°507865
teter95
Posté le 25-06-2010 à 22:01:59  answer
Prévenir les modérateurs en cas d'abus
 

oui mets il faut s'inscrire pour avoir une solution. de plus le forum est en anglais et ces  pas mon fort.
 j'utilise en général session administrateur quand je travail en mode sans échec.
 merci.

n°507866
Profil supprimé
Posté le 26-06-2010 à 06:44:48  answer
Prévenir les modérateurs en cas d'abus
 

Essayer dans votre session en mode sans échec desfois que..

 Page :
1

Aller à :
Ajouter une réponse
  01net

  FORUM high-tech

  SECURITE

  Sécurité

  nettoyer pc après infection

 

Sujets relatifs
Plus de sujets relatifs à : nettoyer pc après infection

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
anti virus qui disparait 3 04-06-2010 à 23:04:45
Eorezo et Lo.st, encore...[résolu] 61 14-06-2010 à 23:34:47
Vente flash -70% AVG Internet Security dernier jour ! 0 04-06-2010 à 11:37:14
pc infecté ? 0 04-06-2010 à 09:57:53
lancement de programme... Infection trojan... 0 03-06-2010 à 18:12:19

Newsletter 01net.Forum et astuces