
Hard drives (removable, internal) no longer open with a double-click (virus)

slythief5 on 22 February 2009 at 18:36
Hello everyone,
I'm on XP and for a short while now my internal, external and removable hard drives no longer open with a double-click, only through Explorer. A message is displayed: "S-7-3-95-100013858-100009101-100023405-3743.com a rencontré un problème et doit fermer. Nous vous prions de nous excuser pour le désagrément encouru."

I think this comes from a virus in the system, because there are indeed some that I cannot repair. I was thinking of formatting it, but it bothers me to reinstall everything, especially since I did that 3 months ago.
Thanks in advance for your replies.
dédétraqué on 22 February 2009 at 18:40
Hi slythief5

Let's check that. Download RSIT (by random/random) to the desktop from here:
http://images.malwareremoval.com/random/RSIT.exe

- Double-click RSIT.exe on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or not detected; you will then need to accept the license
- Post the contents of both reports, log.txt and info.txt (minimized in the taskbar), once the scan has finished

The reports are in this folder: C:\rsit

See you soon :)
slythief5 on 22 February 2009 at 18:43
info.txt logfile of random's system information tool 1.05 2009-02-22 18:42:28

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS Gamer OSD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x40c -removeonly
Atheros Communications Inc.(R) L2 Fast Ethernet Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A755762-EED8-47AB-A446-505766F93D43}\Setup.exe" -l0x9 -removeonly
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BitDefender Free Edition v10-->MsiExec.exe /I{CEFC581D-BEAE-4F75-989E-BD931970D8AD}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
DVD Decoder Pak for Windows XP-->MsiExec.exe /X{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
FormatFactory-->MsiExec.exe /X{F3379D75-8FC0-4517-B52B-3CE6114A2866}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B22C19AE-6A67-4f28-B541-5AE72FB17A25}\setup\hpzscr01.exe -datfile hposcr15.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 5.0.11-->"D:\Documents and Settings\programs\limewire\uninstall.exe"
Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navilog1 3.7.4-->"C:\Program Files\Navilog1\unins000.exe"
Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 2.2-->MsiExec.exe /I{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C}
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x9 -removeonly
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
ShaunWhiteSnowboarding-->"C:\Program Files\InstallShield Installation Information\{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}\Setup.exe" -runfromtemp -l0x040c -removeonly
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Sony Ericsson Themes Creator 3.32-->D:\corentin\jeux\Themes Creator\Uninstall.exe
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Todae - Live Media-->C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
Tom Clancy's Rainbow Six Vegas-->C:\Program Files\InstallShield Installation Information\{5731C0A8-B266-451A-8D3F-8066AA21836F}\setup.exe -runfromtemp -l0x040c -removeonly
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
UltraVideo-->"C:\Program Files\UltraVideo\Uninstall.exe"
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Worms 4 Mayhem-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}\setup.exe" -l0x40c -removeonly
XviD MPEG-4 Video Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\WINDOWS\INF\xvid.inf

======Security center information======

AV: Bitdefender Antivirus (outdated)
AV: avast! antivirus 4.8.1335 [VPS 090221-0]
AV: Kaspersky Anti-Virus

System event log

Computer Name: BARR-F03AF4102A
Event Code: 7009
Message: Délai (30000 millisecondes) d'attente pour une connexion du service Kaspersky Anti-Virus.

Record Number: 5
Source Name: Service Control Manager
Time Written: 20090221091656.000000+060
Event Type: erreur
User:

Computer Name: BARR-F03AF4102A
Event Code: 1001
Message: Le service SNMP a démarré correctement.

Record Number: 4
Source Name: SNMP
Time Written: 20090221091652.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 3100
Message: Le pilote de l'édition Développeur IPv6 Microsoft a été démarré.

Record Number: 3
Source Name: Tcpip6
Time Written: 20090221091624.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090221091603.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090221091603.000000+060
Event Type: Informations
User:

Application event log

Computer Name: BARR-F03AF4102A
Event Code: 1015
Message: Le paramètre TraceLevel ne se trouve pas dans le Registre.
La niveau de suivi utilisé par défaut est 32.

Record Number: 610
Source Name: EvntAgnt
Time Written: 20090206095318.000000+060
Event Type: Avertissement
User:

Computer Name: BARR-F03AF4102A
Event Code: 1003
Message: Le paramètre TraceFileName ne se trouve pas dans le Registre.
Le fichier de suivi utilisé par défaut est .

Record Number: 609
Source Name: EvntAgnt
Time Written: 20090206095318.000000+060
Event Type: Avertissement
User:

Computer Name: BARR-F03AF4102A
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 608
Source Name: SecurityCenter
Time Written: 20090206095315.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 32068
Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : '*'
Indicatif régional : '*'

Record Number: 607
Source Name: Microsoft Fax
Time Written: 20090206095310.000000+060
Event Type: Avertissement
User:

Computer Name: BARR-F03AF4102A
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.

Record Number: 606
Source Name: Microsoft Fax
Time Written: 20090206095310.000000+060
Event Type: Avertissement
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;D:\Documents and Settings\programs\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
slythief5 on 22 February 2009 at 18:45
Logfile of random's system information tool 1.05 (written by random/random)
Run by corentin at 2009-02-22 18:42:17
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 9 GB (31%) free of 30 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:42:23, on 22/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Documents and Settings\corentin\Bureau\uTorrent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\corentin\Bureau\RSIT.exe
C:\Program Files\trend micro\corentin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\avgssie.dll (file missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\avgtoolbar.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\avgtoolbar.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [system34] C:\WINDOWS\SoftwareProtection\Windows External Security Update.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-507921405-1580818891-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Barré')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetecti(...)
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD5BB91E-820A-4B5E-9805-F2E8290D6A04}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 11278 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-02-08 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - D:\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - D:\avgtoolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2009-02-11 245760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2009-02-11 245760]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - D:\avgtoolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-15 13680640]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-06 17331200]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2009-02-06 57344]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-11-11 206088]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2007-04-02 290816]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"system34"=C:\WINDOWS\SoftwareProtection\Windows External Security Update.exe [2009-02-14 636127]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-02-04 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-12-22 222080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-09-13 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2009-01-15 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Documents and Settings\programs\qttask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Barré^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]
C:\PROGRA~1\OPENOF~1.2\program\QUICKS~1.EXE [2007-02-02 393216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\corentin\jeux\ShaunWhiteSnowboardingGame.exe"="D:\corentin\jeux\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"D:\corentin\jeux\ShaunWhiteSnowboarding.exe"="D:\corentin\jeux\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Documents and Settings\corentin\Bureau\uTorrent.exe"="C:\Documents and Settings\corentin\Bureau\uTorrent.exe:*:Enabled:µTorrent"
"D:\corentin\jeux\rainbow\Binaries\R6Vegas_Game.exe"="D:\corentin\jeux\rainbow\Binaries\R6Vegas_Game.exe:*:Enabled:Rainbow Six Vegas"
"D:\corentin\jeux\rainbow\Binaries\R6Vegas_Launcher.exe"="D:\corentin\jeux\rainbow\Binaries\R6Vegas_Launcher.exe:*:Enabled:Rainbow Six Vegas Updater"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Documents and Settings\programs\opera\opera.exe"="D:\Documents and Settings\programs\opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1056531c-f55a-11dd-989c-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-7-3-95-100013858-100009101-100023405-3743.com d:\
shell\Open\command - D:\RECYCLER\S-7-3-95-100013858-100009101-100023405-3743.com d:\

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8202e2a-f908-11dd-98ae-001e8c9fd226}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-7-3-95-100013858-100009101-100023405-3743.com e:\
shell\Open\command - RECYCLER\S-7-3-95-100013858-100009101-100023405-3743.com e:\

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed42cd1b-d263-11dd-94f9-001e8c9fd226}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-0-5-10-100012865-100019757-100004164-2375.com e:\
shell\Open\command - E:\RECYCLER\S-0-5-10-100012865-100019757-100004164-2375.com e:\


======List of files/folders created in the last 1 months======

2009-02-22 18:42:17 ----D---- C:\rsit
2009-02-22 18:42:17 ----D---- C:\Program Files\trend micro
2009-02-22 18:14:55 ----A---- C:\TB.txt
2009-02-22 18:14:36 ----D---- C:\ToolBar SD
2009-02-22 18:08:44 ----A---- C:\fixnavi.txt
2009-02-22 18:07:46 ----D---- C:\Program Files\Navilog1
2009-02-21 12:07:33 ----D---- C:\Documents and Settings\corentin\Application Data\Bitdefender
2009-02-21 11:44:13 ----D---- C:\Program Files\Spyware Doctor
2009-02-21 11:40:27 ----A---- C:\WINDOWS\Aqiwoxice.dll
2009-02-21 11:29:38 ----D---- C:\Program Files\Softwin
2009-02-21 11:29:38 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
2009-02-21 11:29:12 ----D---- C:\Program Files\Fichiers communs\Softwin
2009-02-20 21:14:34 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-20 21:14:32 ----D---- C:\Program Files\Alwil Software
2009-02-20 20:59:37 ----D---- C:\Program Files\Kaspersky Lab
2009-02-20 20:59:37 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2009-02-20 20:56:58 ----D---- C:\Program Files\UltraVideo
2009-02-20 20:44:19 ----A---- C:\WINDOWS\system32\MSVBVM60.DLL
2009-02-20 20:44:06 ----A---- C:\WINDOWS\MSVBVM60.DLL
2009-02-20 20:43:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2009-02-20 20:21:11 ----D---- C:\WINDOWS\Minidump
2009-02-20 10:34:59 ----D---- C:\Program Files\Electronic Arts
2009-02-20 10:34:29 ----D---- C:\Documents and Settings\corentin\Application Data\Leadertech
2009-02-19 16:19:48 ----D---- C:\Documents and Settings\corentin\Application Data\SystemRequirementsLab
2009-02-15 15:00:59 ----D---- C:\Documents and Settings\corentin\Application Data\skypePM
2009-02-15 14:59:33 ----D---- C:\Documents and Settings\corentin\Application Data\Skype
2009-02-15 14:59:28 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-15 14:59:26 ----RD---- C:\Program Files\Skype
2009-02-14 16:56:44 ----D---- C:\Program Files\Microsoft
2009-02-14 16:56:23 ----D---- C:\Program Files\Windows Live SkyDrive
2009-02-14 15:09:47 ----D---- C:\WINDOWS\SoftwareProtection
2009-02-13 20:00:11 ----D---- C:\Program Files\OpenAL
2009-02-13 20:00:11 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-02-13 20:00:11 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2009-02-13 19:28:02 ----A---- C:\WINDOWS\game.ini
2009-02-13 19:09:05 ----D---- C:\Documents and Settings\corentin\Application Data\HP
2009-02-12 14:36:52 ----D---- C:\Documents and Settings\corentin\Application Data\vlc
2009-02-12 14:32:55 ----D---- C:\Documents and Settings\corentin\Application Data\Apple Computer
2009-02-12 14:31:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2009-02-12 14:31:09 ----D---- C:\Program Files\Apple Software Update
2009-02-12 14:31:09 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2009-02-12 11:25:24 ----A---- C:\WINDOWS\system32\Install7x.dll
2009-02-12 11:25:24 ----A---- C:\WINDOWS\system32\AegisI5.exe
2009-02-11 15:11:34 ----D---- C:\Documents and Settings\corentin\Application Data\WinRAR
2009-02-11 12:45:06 ----D---- C:\Documents and Settings\corentin\Application Data\Nero
2009-02-11 12:44:45 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2009-02-11 12:43:18 ----D---- C:\Program Files\Nero
2009-02-11 12:43:18 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2009-02-11 12:40:58 ----D---- C:\Program Files\AskTBar
2009-02-11 11:10:29 ----D---- C:\Documents and Settings\corentin\Application Data\Opera
2009-02-10 22:33:49 ----A---- C:\WINDOWS\system32\TUKernel.exe
2009-02-10 22:20:31 ----HD---- C:\WINDOWS\Icons
2009-02-10 21:34:28 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-10 18:17:54 ----D---- C:\Documents and Settings\corentin\Application Data\InstallShield
2009-02-10 16:14:09 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-02-10 16:14:07 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-02-10 16:14:05 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-02-10 16:10:26 ----D---- C:\Documents and Settings\corentin\Application Data\TuneUp Software
2009-02-10 16:10:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-02-10 16:09:41 ----SHD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-10 16:09:29 ----D---- C:\Documents and Settings\corentin\Application Data\Todae
2009-02-10 16:07:43 ----D---- C:\Program Files\WinRAR
2009-02-10 16:04:22 ----D---- C:\Program Files\Intel Desktop Board
2009-02-10 10:34:57 ----D---- C:\Documents and Settings\corentin\Application Data\OpenOffice.org2
2009-02-10 10:32:54 ----D---- C:\Program Files\OpenOffice.org 2.2
2009-02-09 19:42:00 ----D---- C:\Documents and Settings\corentin\Application Data\Micro Application
2009-02-09 19:41:51 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2009-02-09 19:27:19 ----D---- C:\Program Files\HyCam2
2009-02-09 18:55:52 ----D---- C:\Documents and Settings\corentin\Application Data\OpenOffice.org
2009-02-09 18:54:54 ----D---- C:\Documents and Settings\corentin\Application Data\uTorrent
2009-02-09 18:50:51 ----D---- C:\Program Files\Far Cry (c) UBI Soft
2009-02-09 15:52:54 ----D---- C:\Documents and Settings\corentin\Application Data\Media Player Classic
2009-02-08 21:20:49 ----D---- C:\Program Files\MSXML 4.0
2009-02-08 18:56:45 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-02-08 18:56:33 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-02-08 18:56:33 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-02-08 18:56:30 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-02-08 18:46:45 ----D---- C:\Documents and Settings\corentin\Application Data\LimeWire
2009-02-08 18:45:14 ----D---- C:\Program Files\Real
2009-02-08 18:41:47 ----D---- C:\Documents and Settings\corentin\Application Data\Real
2009-02-08 17:49:12 ----D---- C:\Program Files\FormatFactory
2009-02-08 16:18:31 ----RHD---- C:\Documents and Settings\corentin\Application Data\SecuROM
2009-02-08 15:56:31 ----D---- C:\Documents and Settings\corentin\Application Data\Sun
2009-02-08 12:54:13 ----D---- C:\Program Files\GameSpy Arcade
2009-02-08 12:31:51 ----D---- C:\Documents and Settings\corentin\Application Data\Yahoo!
2009-02-08 12:31:49 ----D---- C:\Documents and Settings\corentin\Application Data\HPAppData
2009-02-08 12:29:08 ----D---- C:\Documents and Settings\corentin\Application Data\Macromedia
2009-02-08 12:29:07 ----D---- C:\Documents and Settings\corentin\Application Data\Adobe
2009-02-08 12:03:17 ----D---- C:\Documents and Settings\corentin\Application Data\Mozilla
2009-02-08 11:55:29 ----D---- C:\Documents and Settings\corentin\Application Data\Identities
2009-02-08 11:55:17 ----SD---- C:\Documents and Settings\corentin\Application Data\Microsoft
2009-02-08 11:55:17 ----ASH---- C:\Documents and Settings\corentin\Application Data\desktop.ini
2009-02-08 10:41:51 ----D---- C:\Program Files\LimeWire
2009-02-08 10:34:33 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2009-02-08 10:31:06 ----A---- C:\WINDOWS\system32\muweb.dll
2009-02-08 10:31:06 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-02-08 10:31:06 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-02-08 09:23:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-02-08 09:22:05 ----D---- C:\Program Files\NOS
2009-02-08 09:22:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
2009-02-07 23:26:18 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-02-07 23:26:18 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-02-07 23:26:18 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-02-07 23:26:17 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-02-07 23:26:17 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-02-07 23:26:17 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-02-07 23:25:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
2009-02-07 23:25:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
2009-02-07 23:02:55 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-02-07 22:58:31 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-02-07 22:58:31 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-02-07 22:58:31 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-02-07 22:58:30 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-02-07 22:58:30 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-02-07 22:58:29 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-02-07 22:58:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-02-07 22:58:29 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-02-07 22:58:28 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-02-07 22:58:28 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-02-07 22:58:27 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-02-07 22:58:27 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-02-07 22:58:27 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-02-07 22:58:26 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-02-07 22:58:25 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-02-07 22:58:25 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-02-07 22:58:25 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-02-07 22:58:23 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-02-07 22:58:23 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-02-07 22:58:23 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-02-07 22:58:22 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-02-07 22:58:20 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-02-07 22:58:20 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-02-07 22:58:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-02-07 22:58:19 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-02-07 22:58:18 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-02-07 22:58:18 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-02-07 22:58:17 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-02-07 22:58:10 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-02-07 22:58:10 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-02-07 22:58:05 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-02-07 22:58:05 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-02-07 22:58:04 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-02-07 22:58:04 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-02-07 22:58:03 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-02-07 22:58:03 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-02-07 22:58:03 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-02-07 22:56:36 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-02-07 22:56:35 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-02-07 22:56:34 ----A---- C:\WINDOWS\system32\pbsvc.exe
2009-02-07 22:52:12 ----D---- C:\Program Files\Ubisoft
2009-02-07 22:41:21 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-02-07 22:40:52 ----D---- C:\Program Files\Windows Media Connect 2
2009-02-07 22:38:26 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
2009-02-07 22:36:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\HPSSUPPLY
2009-02-07 22:34:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP Product Assistant
2009-02-07 22:34:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
2009-02-07 22:31:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
2009-02-07 22:31:26 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2009-02-07 22:31:04 ----A---- C:\WINDOWS\system32\hpz3l5ha.dll
2009-02-07 22:29:51 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2009-02-07 22:29:51 ----RA---- C:\WINDOWS\system32\difxapi.dll
2009-02-07 22:29:50 ----RA---- C:\WINDOWS\system32\hpowiax4.dll
2009-02-07 22:29:50 ----RA---- C:\WINDOWS\system32\hpovst11.dll
2009-02-07 22:29:50 ----RA---- C:\WINDOWS\system32\hpotiop4.dll
2009-02-07 22:27:48 ----D---- C:\Program Files\HP
2009-02-07 22:12:07 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-02-07 22:11:31 ----D---- C:\Program Files\My Company Name
2009-02-07 21:46:44 ----D---- C:\Program Files\PowerQuest
2009-02-07 21:23:34 ----D---- C:\Program Files\uTorrent
2009-02-07 21:05:11 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-07 21:05:11 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-07 21:05:11 ----A---- C:\WINDOWS\system32\java.exe
2009-02-07 21:04:43 ----D---- C:\Program Files\Java
2009-02-07 20:59:18 ----D---- C:\Program Files\Fichiers communs\SWF Studio
2009-02-07 20:57:31 ----D---- C:\Downloads
2009-02-07 20:27:03 ----D---- C:\Program Files\Windows Live
2009-02-07 20:26:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2009-02-07 20:22:03 ----D---- C:\Program Files\Mozilla Firefox
2009-02-07 20:12:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2009-02-07 20:12:05 ----D---- C:\Program Files\CCleaner
2009-02-07 17:58:30 ----HD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-02-07 17:58:16 ----D---- C:\Program Files\Adobe
2009-02-07 17:58:03 ----D---- C:\Program Files\Messenger
2009-02-07 17:57:30 ----D---- C:\Program Files\ASUS
2009-02-07 17:57:19 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-02-07 17:57:19 ----D---- C:\Program Files\Alcohol Soft
2009-02-07 17:56:54 ----D---- C:\Program Files\Fichiers communs\France Telecom
2009-02-07 17:56:49 ----D---- C:\Program Files\SystemRequirementsLab
2009-02-07 17:56:09 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-02-07 17:56:06 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2009-02-07 17:56:04 ----D---- C:\Program Files\Fichiers communs\Services
2009-02-07 17:56:01 ----D---- C:\Program Files\Fichiers communs\HP
2009-02-07 17:55:59 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-02-07 17:55:54 ----D---- C:\Program Files\Fichiers communs\Java
2009-02-07 17:55:50 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-07 17:55:49 ----D---- C:\Program Files\Fichiers communs\Real
2009-02-07 17:55:43 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-02-07 17:55:40 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-02-07 17:55:22 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-02-07 17:55:18 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-02-07 17:54:13 ----D---- C:\Program Files\Fichiers communs\Nero
2009-02-07 16:53:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}(2)
2009-02-06 18:52:40 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-02-06 11:29:40 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-02-06 10:10:50 ----D---- C:\WINDOWS\Prefetch
2009-02-06 09:59:39 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-06 09:49:24 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-02-06 09:47:12 ----D---- C:\WINDOWS\NV21682172.TMP
2009-02-06 09:43:26 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
2009-02-06 09:42:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-06 09:41:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com
2009-02-06 09:40:59 ----A---- C:\WINDOWS\system32\wpa.bak
2009-02-06 09:25:02 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-02-06 09:25:01 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-02-06 09:25:01 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-06 09:25:01 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-02-06 09:24:59 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-06 09:24:58 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-02-06 09:24:56 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-06 09:24:56 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-06 09:24:55 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-06 09:24:54 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-06 09:24:51 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\ATKOSDMini.DLL
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\atkid.ini
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\ATKDispCPL.dll
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\ATKDISP.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\DPInst.exe
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\devcon.exe
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\ATKOSDX32.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\ATKOGL32.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asrussian.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\askorean.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asjapan.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asgerman.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asfrench.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\aseng.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\ASCHT.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\aschs.dll
2009-02-06 09:24:10 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-02-06 09:23:27 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-02-05 18:41:35 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-02-05 18:41:06 ----D---- C:\Intel
2009-02-04 19:57:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverScanner
2009-02-04 16:17:13 ----A---- C:\WINDOWS\system32\Install6x.dll
2009-02-01 01:52:46 ----SHD---- C:\$RECYCLE.BIN
2009-02-01 01:39:50 ----RASH---- C:\Boot.BAK
2009-01-31 19:03:04 ----A---- C:\WINDOWS\system32\XceedZip.dll
2009-01-31 16:30:44 ----RASH---- C:\BOOTSECT.BAK
2009-01-31 16:30:39 ----SHD---- C:\Boot
2009-01-31 10:53:18 ----A---- C:\WINDOWS\yesmessenger.ini
2009-01-31 10:53:18 ----A---- C:\WINDOWS\wininit.ini
2009-01-31 10:53:16 ----A---- C:\WINDOWS\unvise32.exe
2009-01-31 10:53:15 ----RA---- C:\WINDOWS\Twunk_32.dll
2009-01-31 10:53:15 ----RA---- C:\WINDOWS\Twunk_16.dll
2009-01-31 10:53:15 ----A---- C:\WINDOWS\unin040c.exe
2009-01-31 10:53:13 ----RA---- C:\WINDOWS\SET25.tmp
2009-01-31 10:53:13 ----A---- C:\WINDOWS\ST5UNST.EXE
2009-01-31 10:53:13 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-01-31 10:53:13 ----A---- C:\WINDOWS\slrundll.exe
2009-01-31 10:53:13 ----A---- C:\WINDOWS\SkyTel.exe
2009-01-31 10:53:12 ----A---- C:\WINDOWS\RtlUpd.exe
2009-01-31 10:53:12 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-01-31 10:53:11 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-01-31 10:53:11 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-01-31 10:53:10 ----A---- C:\WINDOWS\R5ClkLib.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\OneTouchVga.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\nvgpio.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\nVGA_i2c.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\nvapi9x.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-31 10:53:08 ----A---- C:\WINDOWS\MicCal.exe
2009-01-31 10:53:08 ----A---- C:\WINDOWS\kit.ini
2009-01-31 10:53:08 ----A---- C:\WINDOWS\IsUn040c.exe
2009-01-31 10:53:08 ----A---- C:\WINDOWS\i2c_i.dll
2009-01-31 10:53:08 ----A---- C:\WINDOWS\i2c.dll
2009-01-31 10:53:08 ----A---- C:\WINDOWS\HyperDrive.exe
2009-01-31 10:53:07 ----A---- C:\WINDOWS\EIO.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ATKKBService.exe
2009-01-31 10:53:04 ----A---- C:\WINDOWS\atistclk.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\atipdlxx.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\aticlocklib.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ASUSRC.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ASMT_CE.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-01-31 10:53:04 ----A---- C:\WINDOWS\002529_.tmp
2009-01-30 20:41:51 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-30 20:35:56 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-30 20:35:56 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-30 20:27:49 ----D---- C:\WINDOWS\dell
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmstream.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMSPDMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpui.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpshell.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmploc.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpcore.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpcd.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpasf.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmp.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmerror.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmdmps.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmasf.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMADMOE.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\winshfhc.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\shmedia.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\mswmdm.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\msscp.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\mspmsp.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\blastcln.exe
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\logagent.exe
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\drmstor.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\drmclien.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\cewmdm.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\blackbox.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\asferror.dll
2009-01-30 20:25:13 ----A---- C:\WINDOWS\system32\osuninst.exe
2009-01-30 20:25:12 ----A---- C:\WINDOWS\vmmreg32.dll
2009-01-30 20:25:12 ----A---- C:\WINDOWS\system32\vga64k.dll
2009-01-30 20:25:12 ----A---- C:\WINDOWS\system32\vga256.dll
2009-01-30 20:25:12 ----A---- C:\WINDOWS\system32\tourstart.exe
2009-01-30 20:25:11 ----A---- C:\WINDOWS\system32\spnpinst.exe
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\pentnt.exe
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odtext32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odpdx32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odfox32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odexl32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\oddbse32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\msvcrt20.dll
slythief5 on 22 February 2009 at 18:46
Thank you very much, I only had to wait 2 minutes for someone to answer me, thanks.
dédétraqué on 22 February 2009 at 18:52
Hi slythief5


Plug your external storage devices into your PC (USB stick, external hard drive, etc.) without opening them.

Download combofix.exe (by sUBs) to the desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important: Disable your antivirus and antispyware before scanning with Combofix:
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Save your work and close all open windows; the PC may restart. Do not launch any program until Combofix has finished. <==

Double-click combofix.exe, click YES and confirm with Enter.

You will be asked to install the console if it is not installed; click NO.

When the scan is complete, a report will appear. Copy and paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Some antivirus programs detect Combofix as an infection; ignore this, it is a false positive, and continue the procedure.


See you later :)
slythief5 on 22 February 2009 at 19:35
Well, despite your precise explanation I managed to mess up: I didn't disable the antivirus programs, so it launched Combofix, which restarted the PC, and then when it came back on, avast found a KITE BOOT, if that's of any use to you.
I'm redoing the procedure you explained to me, without making a mistake this time.
dédétraqué on 22 February 2009 at 19:44
Hi slythief5


Try to be careful with your French; this is a forum, not MSN ;)


See you later :)
slythief5 on 22 February 2009 at 20:07
ComboFix 09-02-21.01 - corentin 2009-02-22 19:42:53.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2047.1512 [GMT 1:00]
Lancé depuis: c:\documents and settings\corentin\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090221-0] *On-access scanning disabled* (Updated)
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated)
FW: Kaspersky Anti-Virus *disabled*
.
ADS - system32: deleted 798923 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\program files\Mozilla Firefox\components\iamfamous.dll
c:\recycler\S-0-5-10-100012865-100019757-100004164-2375.com
c:\recycler\S-5-5-78-100027351-100027323-100025513-5779.com
c:\windows\Aqiwoxice.dll
c:\windows\SoftwareProtection\Windows External Security Update.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\Cache
c:\windows\system32\drivers\gaopdxiqftkpmn.sys
c:\windows\system32\drivers\gaopdxjbeejwqe.sys
c:\windows\system32\drivers\gaopdxnqtqeuky.sys
c:\windows\system32\gaopdxaeewflns.dll
c:\windows\system32\gaopdxcounter
D:\Autorun.inf
d:\recycler\S-0-5-10-100012865-100019757-100004164-2375.com
d:\recycler\S-5-5-78-100027351-100027323-100025513-5779.com
E:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP
-------\Service_Iprip


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-22 au 2009-02-22 ))))))))))))))))))))))))))))))))))))
.

2009-02-22 18:42 . 2009-02-22 18:42 <REP> d-------- C:\rsit
2009-02-22 18:42 . 2009-02-22 18:42 <REP> d-------- c:\program files\trend micro
2009-02-22 18:14 . 2009-02-22 18:15 <REP> d-------- C:\ToolBar SD
2009-02-22 18:07 . 2009-02-22 18:09 <REP> d-------- c:\program files\Navilog1
2009-02-21 11:45 . 2009-02-21 11:45 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\HPAppData
2009-02-21 11:44 . 2009-02-21 11:55 <REP> d-------- c:\program files\Spyware Doctor
2009-02-21 11:44 . 2009-02-21 11:44 <REP> d-------- c:\documents and settings\Barré\Application Data\PC Tools
2009-02-21 11:44 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2009-02-21 11:44 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2009-02-21 11:44 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
2009-02-21 11:44 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2009-02-21 11:35 . 2009-02-22 19:40 81,984 --a------ c:\windows\system32\bdod.bin
2009-02-21 11:29 . 2009-02-22 19:40 <REP> d-------- c:\program files\Fichiers communs\Softwin
2009-02-21 11:21 . 2009-02-21 11:21 <REP> d-------- c:\documents and settings\Barré\Application Data\AVGTOOLBAR
2009-02-20 21:14 . 2009-02-20 21:14 <REP> d-------- c:\program files\Alwil Software
2009-02-20 21:00 . 2009-02-20 21:00 96,976 --a------ c:\windows\system32\drivers\klin.dat
2009-02-20 21:00 . 2009-02-20 21:00 87,855 --a------ c:\windows\system32\drivers\klick.dat
2009-02-20 20:59 . 2009-02-20 20:59 <REP> d-------- c:\program files\Kaspersky Lab
2009-02-20 20:59 . 2009-02-22 20:02 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2009-02-20 20:56 . 2009-02-20 20:56 <REP> d-------- c:\program files\UltraVideo
2009-02-20 20:44 . 2004-02-23 01:00 1,386,496 --a------ c:\windows\system32\MSVBVM60.DLL
2009-02-20 20:44 . 2004-02-23 01:00 1,386,496 --a------ c:\windows\MSVBVM60.DLL
2009-02-20 20:43 . 2009-02-20 20:43 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2009-02-20 10:34 . 2009-02-20 10:34 <REP> d-------- c:\program files\Electronic Arts
2009-02-20 10:34 . 2009-02-20 10:34 <REP> d-------- c:\documents and settings\corentin\Application Data\Leadertech
2009-02-20 10:34 . 2009-02-20 10:34 1,110 --a------ c:\windows\system32\ealregsnapshot1.reg
2009-02-19 16:19 . 2009-02-19 16:19 <REP> d-------- c:\documents and settings\corentin\Application Data\SystemRequirementsLab
2009-02-17 19:24 . 2009-02-22 19:26 <REP> d-------- c:\documents and settings\Barré\Tracing
2009-02-17 19:24 . 2009-02-22 19:26 <REP> d-------- c:\documents and settings\Barré\Tracing
2009-02-15 15:00 . 2009-02-15 16:00 <REP> d-------- c:\documents and settings\corentin\Application Data\skypePM
2009-02-15 14:59 . 2009-02-15 14:59 <REP> dr------- c:\program files\Skype
2009-02-15 14:59 . 2009-02-15 14:59 <REP> d-------- c:\program files\Fichiers communs\Skype
2009-02-15 14:59 . 2009-02-22 20:03 <REP> d-------- c:\documents and settings\corentin\Application Data\Skype
2009-02-14 16:58 . 2009-02-22 20:03 <REP> d-------- c:\documents and settings\corentin\Tracing
2009-02-14 16:56 . 2009-02-14 16:56 <REP> d-------- c:\program files\Windows Live SkyDrive
2009-02-14 16:56 . 2009-02-14 16:56 <REP> d-------- c:\program files\Microsoft
2009-02-14 15:09 . 2009-02-22 19:42 <REP> d-------- c:\windows\SoftwareProtection
2009-02-13 20:00 . 2009-02-13 20:00 <REP> d-------- c:\program files\OpenAL
2009-02-13 20:00 . 2009-02-13 20:00 413,696 --a------ c:\windows\system32\wrap_oal.dll
2009-02-13 20:00 . 2009-02-13 20:00 110,592 --a------ c:\windows\system32\OpenAL32.dll
2009-02-13 19:28 . 2009-02-13 19:28 22,328 --a------ c:\documents and settings\corentin\Application Data\PnkBstrK.sys
2009-02-13 19:28 . 2009-02-13 19:28 276 --a------ c:\windows\game.ini
2009-02-13 19:09 . 2009-02-13 19:09 <REP> d-------- c:\documents and settings\corentin\Application Data\HP
2009-02-13 13:17 . 2009-02-13 13:17 <REP> d-------- c:\documents and settings\Barré\.bitrock
2009-02-13 13:17 . 2009-02-13 13:17 <REP> d-------- c:\documents and settings\Barré\.bitrock
2009-02-12 14:36 . 2009-02-13 13:20 <REP> d-------- c:\documents and settings\corentin\Application Data\vlc
2009-02-12 14:32 . 2009-02-12 14:32 <REP> d-------- c:\documents and settings\corentin\Application Data\Apple Computer
2009-02-12 14:31 . 2009-02-12 14:31 <REP> d-------- c:\program files\Apple Software Update
2009-02-12 14:31 . 2009-02-12 14:31 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-02-12 14:31 . 2009-02-12 14:31 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2009-02-12 11:25 . 2006-06-08 10:49 344,064 --a------ c:\windows\system32\drivers\rt73.sys
2009-02-12 11:25 . 2005-12-15 10:38 315,392 --a------ c:\windows\system32\AegisI5.exe
2009-02-12 11:25 . 2006-06-17 12:29 295,018 --a------ c:\windows\system32\Install7x.dll
2009-02-12 11:25 . 2005-11-30 11:33 2,048 --a------ c:\windows\system32\drivers\rt73.bin
2009-02-12 11:25 . 2006-03-06 15:36 45 --a------ c:\windows\filespec7x
2009-02-11 12:45 . 2009-02-11 12:45 <REP> d-------- c:\documents and settings\corentin\Application Data\Nero
2009-02-11 12:43 . 2009-02-11 12:43 <REP> d-------- c:\program files\Nero
2009-02-11 12:43 . 2009-02-11 12:43 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2009-02-11 12:40 . 2009-02-12 15:20 <REP> d-------- c:\program files\AskTBar
2009-02-11 12:34 . 2009-02-11 12:34 <REP> d-------- c:\documents and settings\Barré\Application Data\TuneUp Software
2009-02-10 22:33 . 2009-02-10 22:33 2,287,104 --a------ c:\windows\system32\TUKernel.exe
2009-02-10 22:20 . 2009-02-10 22:20 <REP> d--h----- c:\windows\Icons
2009-02-10 21:34 . 2009-02-10 21:35 <REP> d-------- c:\program files\Windows Live Safety Center
2009-02-10 18:17 . 2009-02-10 18:17 <REP> d-------- c:\documents and settings\corentin\Application Data\InstallShield
2009-02-10 16:14 . 2009-02-10 16:14 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-02-10 16:14 . 2009-02-10 16:14 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-02-10 16:14 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-02-10 16:10 . 2009-02-10 16:10 <REP> d-------- c:\documents and settings\corentin\Application Data\TuneUp Software
2009-02-10 16:10 . 2009-02-10 16:10 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-02-10 16:09 . 2009-02-10 16:09 <REP> d-------- c:\documents and settings\corentin\Application Data\Todae
2009-02-10 16:09 . 2009-02-10 16:09 <REP> d--hs---- c:\documents and settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-10 16:04 . 2009-02-10 16:04 <REP> d-------- c:\program files\Intel Desktop Board
2009-02-10 12:19 . 2009-02-22 19:07 <REP> d-------- c:\documents and settings\Barré\Application Data\OpenOffice.org2
2009-02-10 10:34 . 2009-02-22 16:00 <REP> d-------- c:\documents and settings\corentin\Application Data\OpenOffice.org2
2009-02-10 10:32 . 2009-02-10 10:33 <REP> d-------- c:\program files\OpenOffice.org 2.2
2009-02-09 19:42 . 2009-02-10 10:22 <REP> d-------- c:\documents and settings\corentin\Application Data\Micro Application
2009-02-09 19:41 . 2009-02-21 12:00 <REP> d-a------ c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-02-09 19:27 . 2009-02-09 19:27 <REP> d-------- c:\program files\HyCam2
2009-02-09 18:55 . 2009-02-09 18:55 <REP> d-------- c:\documents and settings\corentin\Application Data\OpenOffice.org
2009-02-09 18:54 . 2009-02-22 19:14 <REP> d-------- c:\documents and settings\corentin\Application Data\uTorrent
2009-02-09 18:50 . 2009-02-09 19:16 <REP> d-------- c:\program files\Far Cry (c) UBI Soft
2009-02-09 15:52 . 2009-02-09 15:53 <REP> d-------- c:\documents and settings\corentin\Application Data\Media Player Classic
2009-02-08 21:20 . 2009-02-08 21:20 <REP> d-------- c:\program files\MSXML 4.0
2009-02-08 18:46 . 2009-02-22 17:53 <REP> d-------- c:\documents and settings\corentin\Application Data\LimeWire
2009-02-08 18:45 . 2009-02-08 18:45 <REP> d-------- c:\program files\Real
2009-02-08 17:49 . 2009-02-08 17:49 <REP> d-------- c:\program files\FormatFactory
2009-02-08 16:57 . 2009-02-08 16:57 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-02-08 16:57 . 2009-02-08 16:57 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_xusb21_01005.Wdf
2009-02-08 16:18 . 2009-02-08 16:18 <REP> dr-h----- c:\documents and settings\corentin\Application Data\SecuROM
2009-02-08 12:54 . 2009-02-10 10:36 <REP> d-------- c:\program files\GameSpy Arcade
2009-02-08 12:31 . 2009-02-08 12:31 <REP> d-------- c:\documents and settings\corentin\Application Data\Yahoo!
2009-02-08 12:31 . 2009-02-08 12:31 <REP> d-------- c:\documents and settings\corentin\Application Data\HPAppData
2009-02-08 12:27 . 2009-02-08 12:28 <REP> d-------- c:\documents and settings\corentin\Contacts
2009-02-08 11:55 . 2009-01-28 18:42 <REP> d--h----- c:\documents and settings\corentin\Voisinage réseau
2009-02-08 11:55 . 2009-01-28 18:42 <REP> d--h----- c:\documents and settings\corentin\Voisinage d'impression
2009-02-08 11:55 . 2009-01-28 17:47 <REP> d--h----- c:\documents and settings\corentin\Modèles
2009-02-08 11:55 . 2009-02-14 16:06 <REP> dr------- c:\documents and settings\corentin\Mes documents
2009-02-08 11:55 . 2009-01-28 18:42 <REP> dr------- c:\documents and settings\corentin\Menu Démarrer
2009-02-08 11:55 . 2009-02-10 22:28 <REP> dr------- c:\documents and settings\corentin\Favoris
2009-02-08 11:55 . 2009-02-22 19:20 <REP> d-------- c:\documents and settings\corentin\Bureau
2009-02-08 11:55 . 2009-02-20 22:30 <REP> d-------- c:\documents and settings\corentin
2009-02-08 10:42 . 2009-02-12 15:38 <REP> d-------- c:\documents and settings\Barré\Application Data\LimeWire
2009-02-08 10:41 . 2009-02-18 14:45 <REP> d-------- c:\program files\LimeWire
2009-02-08 10:36 . 2009-02-09 12:53 <REP> d-------- c:\documents and settings\Barré\Application Data\skypePM
2009-02-08 10:36 . 2009-02-08 10:36 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-08 10:34 . 2009-02-09 13:03 <REP> d-------- c:\documents and settings\Barré\Application Data\Skype
2009-02-08 10:34 . 2009-02-15 14:59 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Skype
2009-02-08 10:31 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-08 10:31 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-08 10:31 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-08 09:22 . 2009-02-08 11:54 <REP> d-------- c:\program files\NOS
2009-02-08 09:22 . 2009-02-08 11:54 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NOS
2009-02-07 23:26 . 2008-07-12 08:18 3,851,784 --a------ c:\windows\system32\D3DX9_39.dll
2009-02-07 23:26 . 2008-07-12 08:18 1,493,528 --a------ c:\windows\system32\D3DCompiler_39.dll
2009-02-07 23:26 . 2008-07-31 10:40 509,448 --a------ c:\windows\system32\XAudio2_2.dll
2009-02-07 23:26 . 2008-07-12 08:18 467,984 --a------ c:\windows\system32\d3dx10_39.dll
2009-02-07 23:26 . 2008-07-31 10:41 238,088 --a------ c:\windows\system32\xactengine3_2.dll
2009-02-07 23:26 . 2008-07-31 10:41 68,616 --a------ c:\windows\system32\XAPOFX1_1.dll
2009-02-07 23:25 . 2009-02-07 23:25 <REP> d-------- c:\documents and settings\Barré\Application Data\InstallShield
2009-02-07 23:25 . 2009-02-07 23:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Ubisoft
2009-02-07 23:25 . 2009-02-07 23:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\InstallShield
2009-02-07 23:14 . 2007-04-27 10:12 78,784 --a------ c:\windows\system32\ISUSPM.cpl
2009-02-07 23:10 . 2009-02-07 23:10 <REP> dr-h----- c:\documents and settings\Barré\Application Data\SecuROM
2009-02-07 23:02 . 2009-02-07 23:10 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-02-07 22:57 . 2009-02-14 15:37 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-21 14:41 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2009-02-19 19:03 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 10:29 9,715,200 ----a-w c:\windows\RTLCPL.EXE
2009-02-06 10:29 77,824 ----a-w c:\windows\SOUNDMAN.EXE
2009-02-06 10:29 57,344 ----a-w c:\windows\ALCMTR.EXE
2009-02-06 10:29 2,808,832 ----a-w c:\windows\ALCWZRD.EXE
2009-02-06 10:29 2,168,320 ----a-w c:\windows\MicCal.exe
2009-02-06 10:29 17,331,200 ----a-w c:\windows\RTHDCPL.EXE
2009-02-06 10:29 1,826,816 ----a-w c:\windows\SkyTel.exe
2009-02-06 10:29 1,200,128 ----a-w c:\windows\RtlUpd.exe
2009-02-06 10:28 528,384 ----a-w c:\windows\RtlExUpd.dll
2009-02-06 08:44 71,720 ----a-w c:\windows\system32\drivers\PnP680.sys
2009-02-05 17:38 30,720 ----a-w c:\windows\system32\drivers\l251x86.sys
2009-01-15 07:19 6,301,248 ----a-w c:\windows\system32\drivers\nv4_mini.sys
2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-11-11 206088]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"nwiz"="nwiz.exe" [2009-01-15 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-06 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Barré^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]
path=c:\documents and settings\Barré\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk
backup=c:\windows\pss\OpenOffice.org 2.2.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-12-22 08:20 222080 c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
--a------ 2007-09-13 15:54 380928 c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-03-11 21:34 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2009-01-15 08:19 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 d:\documents and settings\programs\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\corentin\\jeux\\ShaunWhiteSnowboardingGame.exe"=
"d:\\corentin\\jeux\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Documents and Settings\\corentin\\Bureau\\uTorrent.exe"=
"d:\\corentin\\jeux\\rainbow\\Binaries\\R6Vegas_Game.exe"=
"d:\\corentin\\jeux\\rainbow\\Binaries\\R6Vegas_Launcher.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Documents and Settings\\programs\\opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Groupement homologue Windows
"3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol)
"20352:TCP"= 20352:TCP:BitComet 20352 TCP
"20352:UDP"= 20352:UDP:BitComet 20352 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R0 Pnp680;SiI 680 ATA Controller;c:\windows\system32\drivers\PnP680.sys [2007-11-13 71720]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-20 20560]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-02-10 603904]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l251x86.sys [2007-12-21 30720]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-04-30 24592]
S3 maconfservice;Ma-Config Service;"c:\program files\ma-config.com\maconfservice.exe" --> c:\program files\ma-config.com\maconfservice.exe [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-02-21 356920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a81491e2-ee01-11dd-bb8d-d200e6a0573e}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-7-3-95-100013858-100009101-100023405-3743.com e:\
\Shell\Open\command - RECYCLER\S-7-3-95-100013858-100009101-100023405-3743.com e:\
.
Contenu du dossier 'Tâches planifiées'

2009-02-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-02-22 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04]
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-MsnMsgr - c:\program files\MSN Messenger\MsnMsgr.Exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetecti(...)
FF - ProfilePath - c:\documents and settings\corentin\Application Data\Mozilla\Firefox\Profiles\ja5rblbo.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npdsplay.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin2.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin3.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin4.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin5.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin6.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin7.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npwmsdrm.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin2.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin3.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin4.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin5.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin6.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin7.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-22 20:03:29
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\ATKKBService.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\system32\snmp.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Nero\Lib\NMIndexingService.exe
.
**************************************************************************
.
Heure de fin: 2009-02-22 20:06:32 - La machine a redémarré [corentin]
ComboFix-quarantined-files.txt 2009-02-22 19:06:29

Avant-CF: 9,852,329,984 octets libres
Après-CF: 9,923,600,384 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
;
;Warning: Boot.ini is used on Windows XP and earlier operating systems.
;Warning: Use BCDEDIT.exe to modify Windows Vista boot options.
;
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /NOEXECUTE=OPTIN /FASTDETECT /TUTag=AOT64N

346 --- E O F --- 2009-02-17 21:56:41
slythief5 on 22 February 2009 at 20:12
Sorry, I'll be careful, and thanks again for your help.
I'll be back tomorrow at 19:20 since I'm a student, so I hope you'll be here tomorrow to help me.
slythief5 on 22 February 2009 at 20:13
Sorry, I'll be careful, and thanks again for your help.
I'll be back tomorrow at 19:20 since I'm a student, so I hope you'll be here tomorrow to help me.
slythief5 on 22 February 2009 at 20:14
Sorry again for the 2 messages.
See you
slythief5 on 22 February 2009 at 20:19
After the scan with ComboFix, the hard drives (removable, external, internal) open correctly. I don't know whether I still need to do anything, since you asked me for the report, but in any case the drives open normally.
Thanks, tell me anyway if it isn't finished.
Thanks a lot and see you
slythief5 on 22 February 2009 at 20:32
Sorry again, I know it's annoying when people send several messages when they could do it in several goes, but I noticed that when starting the PC I have to choose either XP Pro (which I do, of course) or else console... (I tried selecting it and it is actually a restore), so can you tell me how to remove it, since it comes from the scans you told me to run, and also whether I can delete ComboFix now?
dédétraqué on 22 February 2009 at 20:43
Hi slythief5


- Click Start menu / Run, type notepad at the prompt and click OK.

- Copy/paste what is quoted below into Notepad:

KillAll::

Folder::
c:\program files\AskTBar

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a81491e2-ee01-11dd-bb8d-d200e6a0573e}]


- Save this file on the desktop (mandatory)

-File name: CFScript.txt
-File type: All files

- Click Save and close Notepad

Important: disable your antivirus and antispyware before doing the drag and drop

- Drag and drop this CFScript file onto the ComboFix.exe file on the desktop, as in this screenshot (the icon is a lion):

< included picture >

* Wait while the scan runs. The desktop will disappear several times: this is normal!
Don't touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: post its contents.
* If the file doesn't open, it is located here > C:\ComboFix.txt


@++ :)


P.S.
slythief5 wrote:
but I noticed that when starting the PC I have to choose either XP Pro (which I do, of course) or else console

dédétraqué wrote:
You will be asked to install the console if it isn't installed; click NO

We'll see about that at the end of the disinfection
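The Registry:: line in the script above targets the MountPoints2 entry listed in the first report. As an added example (not part of the original posts and not ComboFix code), this Python sketch finds such per-volume shell commands in a pasted report and checks that a later report no longer lists them; the report excerpts, GUID, file name and function names are constructed for illustration.

```python
import re

# Constructed excerpts in the layout of the reports pasted in this thread.
# The GUID and file names are placeholders, not values from the thread.
REPORT_BEFORE = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00000000-0000-0000-0000-000000000001}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-0-0-00-EXAMPLE.com e:\
\Shell\Open\command - RECYCLER\S-0-0-00-EXAMPLE.com e:\
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\Install\command - F:\setup.exe
"""

REPORT_AFTER = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"
.
"""

# "[HK...\mountpoints2\<volume>]" section header; <volume> is a GUID or a letter.
KEY_RE = re.compile(r'^\[(HK[^\]]*\\mountpoints2\\([^\\\]]+))\]\s*$', re.IGNORECASE)
# "\Shell\<verb>\command - <command line>" as printed under such a header.
CMD_RE = re.compile(r'^\\Shell\\([^\\]+)\\command\s+-\s+(.+?)\s*$', re.IGNORECASE)
# Executable-looking token inside a command line.
EXE_RE = re.compile(r'[^\s",]+\.(?:com|exe|bat|cmd|pif|scr|vbs)\b', re.IGNORECASE)
ABSOLUTE_RE = re.compile(r'^(?:[a-z]:\\|%|\\\\)', re.IGNORECASE)
BIN_DIRS = ("recycler\\", "recycled\\", "$recycle.bin\\")


def assess(command):
    """Return the reasons a per-volume shell command deserves a closer look."""
    reasons = []
    for token in EXE_RE.findall(command):
        low = token.lower()
        if any(d in low for d in BIN_DIRS):
            reasons.append("target inside a recycle-bin folder: " + token)
        elif not ABSOLUTE_RE.match(token):
            reasons.append("relative executable path: " + token)
    return reasons


def find_volume_handlers(report):
    """Return one dict per Shell verb command listed under a MountPoints2 key."""
    found, key, volume = [], None, None
    for raw in report.splitlines():
        line = raw.strip()
        header = KEY_RE.match(line)
        if header:
            key, volume = header.group(1), header.group(2)
            continue
        if not line or line == "." or line.startswith("["):
            key = None  # the MountPoints2 block has ended
            continue
        cmd = CMD_RE.match(line)
        if key and cmd:
            found.append({"key": key, "volume": volume, "verb": cmd.group(1),
                          "command": cmd.group(2), "reasons": assess(cmd.group(2))})
    return found


def suspicious_keys(report):
    """Lower-cased MountPoints2 keys that carry at least one flagged command."""
    return sorted({h["key"].lower() for h in find_volume_handlers(report) if h["reasons"]})


def still_present(before, after):
    """Flagged keys from the first report that the later report still lists."""
    remaining = {h["key"].lower() for h in find_volume_handlers(after)}
    return [k for k in suspicious_keys(before) if k in remaining]


if __name__ == "__main__":
    for h in find_volume_handlers(REPORT_BEFORE):
        print(h["volume"], h["verb"], h["reasons"] or "no finding")
    print("left after cleaning:", still_present(REPORT_BEFORE, REPORT_AFTER))
```
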
slythief5 on 23 February 2009 at 19:49
ComboFix 09-02-21.01 - corentin 2009-02-23 19:38:00.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1543 [GMT 1:00]
Lancé depuis: c:\documents and settings\corentin\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\corentin\Bureau\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090223-0] *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskTBar
c:\program files\AskTBar\bar\1.bin\A5POPSWT.DLL
c:\program files\AskTBar\bar\1.bin\ASKTBAR.DLL
c:\program files\AskTBar\bar\Cache\0004A276.bin
c:\program files\AskTBar\bar\Cache\0004A574.bin
c:\program files\AskTBar\bar\Cache\0004A6CB.bin
c:\program files\AskTBar\bar\Cache\0004A842.bin
c:\program files\AskTBar\bar\Cache\008630B8
c:\program files\AskTBar\bar\Cache\files.ini
c:\program files\AskTBar\bar\History\search2
c:\program files\AskTBar\bar\Settings\prevcfg2.htm
c:\program files\AskTBar\PopSwatr\History\allowed
c:\program files\AskTBar\PopSwatr\History\notallow

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-23 au 2009-02-23 ))))))))))))))))))))))))))))))))))))
.

2009-02-22 18:42 . 2009-02-22 18:42 <REP> d-------- C:\rsit
2009-02-22 18:42 . 2009-02-22 18:42 <REP> d-------- c:\program files\trend micro
2009-02-22 18:14 . 2009-02-22 18:15 <REP> d-------- C:\ToolBar SD
2009-02-22 18:07 . 2009-02-22 18:09 <REP> d-------- c:\program files\Navilog1
2009-02-21 11:45 . 2009-02-21 11:45 <REP> d-------- c:\windows\system32\config\systemprofile\Application Data\HPAppData
2009-02-21 11:44 . 2009-02-21 11:55 <REP> d-------- c:\program files\Spyware Doctor
2009-02-21 11:44 . 2009-02-21 11:44 <REP> d-------- c:\documents and settings\Barré\Application Data\PC Tools
2009-02-21 11:44 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2009-02-21 11:44 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2009-02-21 11:44 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
2009-02-21 11:44 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2009-02-21 11:35 . 2009-02-22 19:40 81,984 --a------ c:\windows\system32\bdod.bin
2009-02-21 11:29 . 2009-02-22 19:40 <REP> d-------- c:\program files\Fichiers communs\Softwin
2009-02-21 11:21 . 2009-02-21 11:21 <REP> d-------- c:\documents and settings\Barré\Application Data\AVGTOOLBAR
2009-02-20 21:14 . 2009-02-20 21:14 <REP> d-------- c:\program files\Alwil Software
2009-02-20 20:56 . 2009-02-20 20:56 <REP> d-------- c:\program files\UltraVideo
2009-02-20 20:44 . 2004-02-23 01:00 1,386,496 --a------ c:\windows\system32\MSVBVM60.DLL
2009-02-20 20:44 . 2004-02-23 01:00 1,386,496 --a------ c:\windows\MSVBVM60.DLL
2009-02-20 20:43 . 2009-02-20 20:43 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2009-02-20 10:34 . 2009-02-20 10:34 <REP> d-------- c:\program files\Electronic Arts
2009-02-20 10:34 . 2009-02-20 10:34 <REP> d-------- c:\documents and settings\corentin\Application Data\Leadertech
2009-02-20 10:34 . 2009-02-20 10:34 1,110 --a------ c:\windows\system32\ealregsnapshot1.reg
2009-02-19 16:19 . 2009-02-19 16:19 <REP> d-------- c:\documents and settings\corentin\Application Data\SystemRequirementsLab
2009-02-17 19:24 . 2009-02-23 18:07 <REP> d-------- c:\documents and settings\Barré\Tracing
2009-02-17 19:24 . 2009-02-23 18:07 <REP> d-------- c:\documents and settings\Barré\Tracing
2009-02-15 15:00 . 2009-02-15 16:00 <REP> d-------- c:\documents and settings\corentin\Application Data\skypePM
2009-02-15 14:59 . 2009-02-15 14:59 <REP> dr------- c:\program files\Skype
2009-02-15 14:59 . 2009-02-15 14:59 <REP> d-------- c:\program files\Fichiers communs\Skype
2009-02-15 14:59 . 2009-02-23 19:12 <REP> d-------- c:\documents and settings\corentin\Application Data\Skype
2009-02-14 16:58 . 2009-02-23 19:07 <REP> d-------- c:\documents and settings\corentin\Tracing
2009-02-14 16:56 . 2009-02-14 16:56 <REP> d-------- c:\program files\Windows Live SkyDrive
2009-02-14 16:56 . 2009-02-14 16:56 <REP> d-------- c:\program files\Microsoft
2009-02-14 15:09 . 2009-02-22 19:42 <REP> d-------- c:\windows\SoftwareProtection
2009-02-13 20:00 . 2009-02-13 20:00 <REP> d-------- c:\program files\OpenAL
2009-02-13 20:00 . 2009-02-13 20:00 413,696 --a------ c:\windows\system32\wrap_oal.dll
2009-02-13 20:00 . 2009-02-13 20:00 110,592 --a------ c:\windows\system32\OpenAL32.dll
2009-02-13 19:28 . 2009-02-13 19:28 22,328 --a------ c:\documents and settings\corentin\Application Data\PnkBstrK.sys
2009-02-13 19:28 . 2009-02-13 19:28 276 --a------ c:\windows\game.ini
2009-02-13 19:09 . 2009-02-13 19:09 <REP> d-------- c:\documents and settings\corentin\Application Data\HP
2009-02-13 13:17 . 2009-02-13 13:17 <REP> d-------- c:\documents and settings\Barré\.bitrock
2009-02-13 13:17 . 2009-02-13 13:17 <REP> d-------- c:\documents and settings\Barré\.bitrock
2009-02-12 14:36 . 2009-02-13 13:20 <REP> d-------- c:\documents and settings\corentin\Application Data\vlc
2009-02-12 14:32 . 2009-02-12 14:32 <REP> d-------- c:\documents and settings\corentin\Application Data\Apple Computer
2009-02-12 14:31 . 2009-02-12 14:31 <REP> d-------- c:\program files\Apple Software Update
2009-02-12 14:31 . 2009-02-12 14:31 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2009-02-12 14:31 . 2009-02-12 14:31 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple
2009-02-12 11:25 . 2006-06-08 10:49 344,064 --a------ c:\windows\system32\drivers\rt73.sys
2009-02-12 11:25 . 2005-12-15 10:38 315,392 --a------ c:\windows\system32\AegisI5.exe
2009-02-12 11:25 . 2006-06-17 12:29 295,018 --a------ c:\windows\system32\Install7x.dll
2009-02-12 11:25 . 2005-11-30 11:33 2,048 --a------ c:\windows\system32\drivers\rt73.bin
2009-02-12 11:25 . 2006-03-06 15:36 45 --a------ c:\windows\filespec7x
2009-02-11 12:45 . 2009-02-11 12:45 <REP> d-------- c:\documents and settings\corentin\Application Data\Nero
2009-02-11 12:43 . 2009-02-11 12:43 <REP> d-------- c:\program files\Nero
2009-02-11 12:43 . 2009-02-11 12:43 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2009-02-11 12:34 . 2009-02-11 12:34 <REP> d-------- c:\documents and settings\Barré\Application Data\TuneUp Software
2009-02-10 22:33 . 2009-02-10 22:33 2,287,104 --a------ c:\windows\system32\TUKernel.exe
2009-02-10 22:20 . 2009-02-10 22:20 <REP> d--h----- c:\windows\Icons
2009-02-10 21:34 . 2009-02-10 21:35 <REP> d-------- c:\program files\Windows Live Safety Center
2009-02-10 18:17 . 2009-02-10 18:17 <REP> d-------- c:\documents and settings\corentin\Application Data\InstallShield
2009-02-10 16:14 . 2009-02-10 16:14 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-02-10 16:14 . 2009-02-10 16:14 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-02-10 16:14 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-02-10 16:10 . 2009-02-10 16:10 <REP> d-------- c:\documents and settings\corentin\Application Data\TuneUp Software
2009-02-10 16:10 . 2009-02-10 16:10 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-02-10 16:09 . 2009-02-10 16:09 <REP> d-------- c:\documents and settings\corentin\Application Data\Todae
2009-02-10 16:09 . 2009-02-10 16:09 <REP> d--hs---- c:\documents and settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-10 16:04 . 2009-02-10 16:04 <REP> d-------- c:\program files\Intel Desktop Board
2009-02-10 12:19 . 2009-02-22 19:07 <REP> d-------- c:\documents and settings\Barré\Application Data\OpenOffice.org2
2009-02-10 10:34 . 2009-02-22 16:00 <REP> d-------- c:\documents and settings\corentin\Application Data\OpenOffice.org2
2009-02-10 10:32 . 2009-02-10 10:33 <REP> d-------- c:\program files\OpenOffice.org 2.2
2009-02-09 19:42 . 2009-02-10 10:22 <REP> d-------- c:\documents and settings\corentin\Application Data\Micro Application
2009-02-09 19:41 . 2009-02-21 12:00 <REP> d-a------ c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-02-09 19:27 . 2009-02-09 19:27 <REP> d-------- c:\program files\HyCam2
2009-02-09 18:55 . 2009-02-09 18:55 <REP> d-------- c:\documents and settings\corentin\Application Data\OpenOffice.org
2009-02-09 18:54 . 2009-02-22 19:14 <REP> d-------- c:\documents and settings\corentin\Application Data\uTorrent
2009-02-09 18:50 . 2009-02-09 19:16 <REP> d-------- c:\program files\Far Cry (c) UBI Soft
2009-02-09 15:52 . 2009-02-09 15:53 <REP> d-------- c:\documents and settings\corentin\Application Data\Media Player Classic
2009-02-08 21:20 . 2009-02-08 21:20 <REP> d-------- c:\program files\MSXML 4.0
2009-02-08 18:46 . 2009-02-22 17:53 <REP> d-------- c:\documents and settings\corentin\Application Data\LimeWire
2009-02-08 18:45 . 2009-02-08 18:45 <REP> d-------- c:\program files\Real
2009-02-08 17:49 . 2009-02-08 17:49 <REP> d-------- c:\program files\FormatFactory
2009-02-08 16:57 . 2009-02-08 16:57 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-02-08 16:57 . 2009-02-08 16:57 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_xusb21_01005.Wdf
2009-02-08 16:18 . 2009-02-08 16:18 <REP> dr-h----- c:\documents and settings\corentin\Application Data\SecuROM
2009-02-08 12:54 . 2009-02-10 10:36 <REP> d-------- c:\program files\GameSpy Arcade
2009-02-08 12:31 . 2009-02-08 12:31 <REP> d-------- c:\documents and settings\corentin\Application Data\Yahoo!
2009-02-08 12:31 . 2009-02-08 12:31 <REP> d-------- c:\documents and settings\corentin\Application Data\HPAppData
2009-02-08 12:27 . 2009-02-08 12:28 <REP> d-------- c:\documents and settings\corentin\Contacts
2009-02-08 11:55 . 2009-01-28 18:42 <REP> d--h----- c:\documents and settings\corentin\Voisinage réseau
2009-02-08 11:55 . 2009-01-28 18:42 <REP> d--h----- c:\documents and settings\corentin\Voisinage d'impression
2009-02-08 11:55 . 2009-01-28 17:47 <REP> d--h----- c:\documents and settings\corentin\Modèles
2009-02-08 11:55 . 2009-02-14 16:06 <REP> dr------- c:\documents and settings\corentin\Mes documents
2009-02-08 11:55 . 2009-01-28 18:42 <REP> dr------- c:\documents and settings\corentin\Menu Démarrer
2009-02-08 11:55 . 2009-02-10 22:28 <REP> dr------- c:\documents and settings\corentin\Favoris
2009-02-08 11:55 . 2009-02-23 19:37 <REP> d-------- c:\documents and settings\corentin\Bureau
2009-02-08 11:55 . 2009-02-22 20:20 <REP> d-------- c:\documents and settings\corentin
2009-02-08 10:42 . 2009-02-12 15:38 <REP> d-------- c:\documents and settings\Barré\Application Data\LimeWire
2009-02-08 10:41 . 2009-02-18 14:45 <REP> d-------- c:\program files\LimeWire
2009-02-08 10:36 . 2009-02-09 12:53 <REP> d-------- c:\documents and settings\Barré\Application Data\skypePM
2009-02-08 10:36 . 2009-02-08 10:36 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-08 10:34 . 2009-02-09 13:03 <REP> d-------- c:\documents and settings\Barré\Application Data\Skype
2009-02-08 10:34 . 2009-02-15 14:59 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Skype
2009-02-08 10:31 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-08 10:31 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-08 10:31 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-08 09:22 . 2009-02-08 11:54 <REP> d-------- c:\program files\NOS
2009-02-08 09:22 . 2009-02-08 11:54 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\NOS
2009-02-07 23:26 . 2008-07-12 08:18 3,851,784 --a------ c:\windows\system32\D3DX9_39.dll
2009-02-07 23:26 . 2008-07-12 08:18 1,493,528 --a------ c:\windows\system32\D3DCompiler_39.dll
2009-02-07 23:26 . 2008-07-31 10:40 509,448 --a------ c:\windows\system32\XAudio2_2.dll
2009-02-07 23:26 . 2008-07-12 08:18 467,984 --a------ c:\windows\system32\d3dx10_39.dll
2009-02-07 23:26 . 2008-07-31 10:41 238,088 --a------ c:\windows\system32\xactengine3_2.dll
2009-02-07 23:26 . 2008-07-31 10:41 68,616 --a------ c:\windows\system32\XAPOFX1_1.dll
2009-02-07 23:25 . 2009-02-07 23:25 <REP> d-------- c:\documents and settings\Barré\Application Data\InstallShield
2009-02-07 23:25 . 2009-02-07 23:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Ubisoft
2009-02-07 23:25 . 2009-02-07 23:25 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\InstallShield
2009-02-07 23:14 . 2007-04-27 10:12 78,784 --a------ c:\windows\system32\ISUSPM.cpl
2009-02-07 23:10 . 2009-02-07 23:10 <REP> dr-h----- c:\documents and settings\Barré\Application Data\SecuROM
2009-02-07 23:02 . 2009-02-07 23:10 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-02-07 22:57 . 2009-02-14 15:37 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-02-07 22:57 . 2009-02-07 22:57 22,328 --a------ c:\documents and settings\Barré\Application Data\PnkBstrK.sys
2009-02-07 22:56 . 2009-02-07 22:56 2,250,024 --a------ c:\windows\system32\pbsvc.exe
2009-02-07 22:56 . 2009-02-19 15:55 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2009-02-07 22:56 . 2009-02-14 13:59 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-02-07 22:52 . 2009-02-07 22:52 <REP> d-------- c:\program files\Ubisoft

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-21 14:41 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2009-02-19 19:03 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 10:29 9,715,200 ----a-w c:\windows\RTLCPL.EXE
2009-02-06 10:29 77,824 ----a-w c:\windows\SOUNDMAN.EXE
2009-02-06 10:29 57,344 ----a-w c:\windows\ALCMTR.EXE
2009-02-06 10:29 2,808,832 ----a-w c:\windows\ALCWZRD.EXE
2009-02-06 10:29 2,168,320 ----a-w c:\windows\MicCal.exe
2009-02-06 10:29 17,331,200 ----a-w c:\windows\RTHDCPL.EXE
2009-02-06 10:29 1,826,816 ----a-w c:\windows\SkyTel.exe
2009-02-06 10:29 1,200,128 ----a-w c:\windows\RtlUpd.exe
2009-02-06 10:28 528,384 ----a-w c:\windows\RtlExUpd.dll
2009-02-06 08:44 71,720 ----a-w c:\windows\system32\drivers\PnP680.sys
2009-02-05 17:38 30,720 ----a-w c:\windows\system32\drivers\l251x86.sys
2009-01-15 07:19 6,301,248 ----a-w c:\windows\system32\drivers\nv4_mini.sys
2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
.

((((((((((((((((((((((((((((( SnapShot@2009-02-22_20.05.49.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-22 18:52:14 229,697 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
+ 2009-02-23 18:41:58 229,698 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
+ 2009-02-23 18:42:13 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_390.dat
+ 2009-02-23 18:41:12 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_75c.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"nwiz"="nwiz.exe" [2009-01-15 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-06 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Barré^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]
path=c:\documents and settings\Barré\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk
backup=c:\windows\pss\OpenOffice.org 2.2.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-12-22 08:20 222080 c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
--a------ 2007-09-13 15:54 380928 c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-03-11 21:34 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2009-01-15 08:19 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 16:18 413696 d:\documents and settings\programs\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\corentin\\jeux\\ShaunWhiteSnowboardingGame.exe"=
"d:\\corentin\\jeux\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Documents and Settings\\corentin\\Bureau\\uTorrent.exe"=
"d:\\corentin\\jeux\\rainbow\\Binaries\\R6Vegas_Game.exe"=
"d:\\corentin\\jeux\\rainbow\\Binaries\\R6Vegas_Launcher.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Documents and Settings\\programs\\opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Groupement homologue Windows
"3540:UDP"= 3540:UDP:Protocole PNRP (Peer Name Resolution Protocol)
"20352:TCP"= 20352:TCP:BitComet 20352 TCP
"20352:UDP"= 20352:UDP:BitComet 20352 UDP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 Pnp680;SiI 680 ATA Controller;c:\windows\system32\drivers\PnP680.sys [2007-11-13 71720]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-20 20560]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-02-10 603904]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\drivers\l251x86.sys [2007-12-21 30720]
S3 maconfservice;Ma-Config Service;"c:\program files\ma-config.com\maconfservice.exe" --> c:\program files\ma-config.com\maconfservice.exe [?]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-02-21 356920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2009-02-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-02-23 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetecti(...)
FF - ProfilePath - c:\documents and settings\corentin\Application Data\Mozilla\Firefox\Profiles\ja5rblbo.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npdsplay.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin2.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin3.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin4.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin5.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin6.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npqtplugin7.dll
FF - plugin: d:\documents and settings\programs\opera\program\plugins\npwmsdrm.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin2.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin3.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin4.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin5.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin6.dll
FF - plugin: d:\documents and settings\programs\Plugins\npqtplugin7.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-23 19:42:16
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-507921405-1580818891-839522115-1007\Software\SecuROM\License information*]
"datasecu"=hex:bf,52,03,c9,6d,0c,13,86,42,63,95,41,b8,94,46,36,a8,b7,0d,20,5b,
90,0f,07,96,48,25,69,5b,d8,5a,15,85,9b,a7,e7,ae,de,b9,b5,19,b5,bd,73,14,ae,\
"rkeysecu"=hex:f4,dd,0f,a2,9e,fd,9d,78,e0,2b,72,18,e2,c4,0c,5c
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\ATKKBService.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\system32\snmp.exe
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Nero\Lib\NMIndexingService.exe
.
**************************************************************************
.
Heure de fin: 2009-02-23 19:47:19 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-23 18:47:16
ComboFix2.txt 2009-02-22 19:06:33

Avant-CF: 9 927 016 448 octets libres
Après-CF: 9,918,390,272 octets libres

328 --- E O F --- 2009-02-17 21:56:41
slythief5 on 23 February 2009 at 19:51
Should the removable drives (external hard drive, USB key) have been plugged in?
dédétraqué on 23 February 2009 at 23:02
Hi slythief5


- Download and install Malwarebytes' Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Update it

---

- Restart in Safe Mode:

When your PC restarts, tap the F8 or F5 key repeatedly; on the next screen, move with the arrow keys and choose Safe Mode. Choose your usual session, not the Administrator session.

---

- Double-click the Malwarebytes' Anti-Malware shortcut on the desktop.
- Select "Exécuter un examen complet" (Perform full scan) if it is not already selected
- Click "Rechercher" (Scan)

- Once the scan has finished, a window opens; click OK

- If Malwarebytes' detected nothing, click OK. A report will appear; close it.

- If Malwarebytes' detected infections, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected)

- Save the report to your desktop so that it is easier to find, then post this report.

Note: If Malwarebytes' needs to restart to finish the removal, accept by clicking OK

Malwarebytes' tutorial here:
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


See you :)
slythief5 on 24 February 2009 at 19:29
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 5.1.2600 Service Pack 3

24/02/2009 19:24:11
mbam-log-2009-02-24 (19-24-11).txt

Type de recherche: Examen rapide
Eléments examinés: 80232
Temps écoulé: 7 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 185
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\system32 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\drivers (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\945_6C8C46B2613715F1C7DF44BE5F218F555E5D9274 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpopia_C1048C5A34C8F23372105E760A56E9F008BF1D60 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hposcu11_5E3F3558789F610C800F2C9B1069F7EB3D9DEAAF (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hposcu11_5E3F3558789F610C800F2C9B1069F7EB3D9DEAAF\drivers (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hposcu11_5E3F3558789F610C800F2C9B1069F7EB3D9DEAAF\drivers\dot4 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hposcu11_5E3F3558789F610C800F2C9B1069F7EB3D9DEAAF\drivers\dot4\Win2000 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hposcu11_5E3F3558789F610C800F2C9B1069F7EB3D9DEAAF\drivers\scanner (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hposcu11_5E3F3558789F610C800F2C9B1069F7EB3D9DEAAF\drivers\scanner\x32 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpounppsai_4DABCABF4AABB055E30E0B809DE9815874610F2B (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzid413_F75AD070CF6AC37359152FFE52115AEC89378C94 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzid413_F75AD070CF6AC37359152FFE52115AEC89378C94\drivers (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzid413_F75AD070CF6AC37359152FFE52115AEC89378C94\drivers\dot4 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzid413_F75AD070CF6AC37359152FFE52115AEC89378C94\drivers\dot4\Win2000 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers\dot4 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipa13_DB40AE39DB38AD8D2AF2D8E4340ABA1C191DE2CE\drivers\dot4\Win2000 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipr13_9B62D8E7E43E761D5D4A9F1967C0FC868E8BC390 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipr13_9B62D8E7E43E761D5D4A9F1967C0FC868E8BC390\drivers (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipr13_9B62D8E7E43E761D5D4A9F1967C0FC868E8BC390\drivers\dot4 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzipr13_9B62D8E7E43E761D5D4A9F1967C0FC868E8BC390\drivers\dot4\Win2000 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\Win2000 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\hpzius13_9B9B07948B5298EA9F9D379B539EC8677D74FF6B\drivers\dot4\WinxP (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\ich7core_D2CC300296E830B92132419C9F37026A2750A050 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\ich7ide_B2F6084F99DD228815D4BFB05792893552619021 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\ich7usb_B1FC5B65F51EB4CD44D8B86A6730CFDE8A75C781 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\igxp32_B961C42D22BC0EF37E25CA4DA2C23E6091B9A8E0 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\PhysX32_126D1C23E2B6AB265C2ADA744A3E64441F8F8A78 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\PhysX32_FFB51AAB1A2BF852A002A5B1138133BBA89337D4 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\DRVSTORE\wlphonecv_B88DA7978559975500983DADC0107CF3AA89C14C (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\en-us (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\export (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\fr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\fr-fr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ias (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\icsxml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\IME (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\IME\CINTLGNT (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\IME\PINTLGNT (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\IME\TINTLGNT (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\inetsrv (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Lang (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Lang\HDMI (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Lang\HDMI\FRA (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\LogFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\LogFiles\PunkBuster (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\LogFiles\WUDF (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Macromed (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Macromed\Flash (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Macromed\Flash\FlashPlayerTrust (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Microsoft (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Microsoft\Protect (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Microsoft\Protect\S-1-5-18 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Microsoft\Protect\S-1-5-18\User (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\MsDtc (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\MsDtc\Trace (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\mui (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\mui\000C (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\mui\0409 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\mui\040C (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\mui\dispspec (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\npp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\actsetup (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\error (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\dslmain (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\iconnect (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\ispsgnup (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\isptype (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\mouse (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\mouse\images (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\oemcust (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\oemhw (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\oemreg (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\html\sconnect (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\icserror (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\images (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\isperror (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\regerror (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\sample (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\oobe\setup (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\PreInstall (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\PreInstall\WinSE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\PreInstall\WinSE\wxp_x86_040C_v1 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ras (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0000 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0000\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0001 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0001\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0001\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0002 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0002\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0002\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0003 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0003\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0003\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0004 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0004\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0004\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0005 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0005\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0005\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0006 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0006\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0006\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0007 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0007\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0007\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0008 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0008\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0008\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0009 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0009\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0009\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0010 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0010\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0010\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0011 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0011\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0012 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0012\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0012\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0013 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0013\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0013\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0014 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0014\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0015 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0015\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0016 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0016\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0017 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0017\DriverFiles (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ReinstallBackups\0017\DriverFiles\i386 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Restore (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\RTCOM (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\Setup (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\ShellExt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\drivers (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\drivers\color (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\drivers\w32x86 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\drivers\w32x86\3 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\drivers\w32x86\3\fr-FR (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\drivers\w32x86\hpphotosmart_c4200_s3968 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\PRINTERS (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\prtprocs (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\spool\prtprocs\w32x86 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\URTTemp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\usmt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\AutoRecover (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\Logs (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\mof (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\mof\bad (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\mof\good (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\Performance (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\Repository (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\Repository\FS (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\snmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wbem\xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\wins (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\xircom (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\xlive (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\XPSViewer (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\XPSViewer\en-us (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\system32\XPSViewer\fr-FR (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\BARRE\Local Settings\Application Data\wkaoquy_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\BARRE\Local Settings\Application Data\wkaoquy_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\BARRE\Local Settings\Application Data\wkaoquy.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\BARRE\Local Settings\Application Data\wkaoquy.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
dédétraqué on 25 February 2009 at 02:56
Hi slythief5


Download Navilog1 (by IL-MAFIOSO) to the desktop: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

- Double-click Navilog1.exe to start the installation

- If the fix does not launch automatically after its installation

- Double-click navilog1 on the desktop

- Press F or f and confirm with Enter

- Press a key on your keyboard each time you are asked to; you will arrive at the options menu

- Choose option 1 and press Enter to confirm your choice.

- Wait for the message: *** Analyse Termine le ..... ***

- When the scan has finished, a report named fixnavi.txt will be displayed; post the contents of this report.
- If the scan result is not displayed, you will find it in C:\fixnavi.txt.

Note: Disable your antivirus and antispyware
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


Do not use options 2, 3 and 4 without our approval; legitimate files may be included in this scan


See you :)
slythief5 on 25 February 2009 at 15:13
Search Navipromo version 3.7.4 commencé le 25/02/2009 à 15:11:05,09

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 16.02.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz )
BIOS : BIOS Date: 12/24/07 14:46:29 Ver: 08.00.10
USER : corentin ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1335 [VPS 090225-0] 4.8.1335 (Not Activated)


A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:8 Go)
D:\ (Local Disk) - NTFS - Total:46 Go (Free:19 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)


Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\corentin\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\BARRE\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\BARR~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\corentin\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\BARRE\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\BARR~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\corentin\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\BARRE\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\BARR~1\menudm~1\progra~1" ***


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\corentin\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\BARRE\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\BARR~1\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\corentin\locals~1\applic~1" :


* Dans "C:\DOCUME~1\BARRE\locals~1\applic~1" :


* Dans "C:\DOCUME~1\BARR~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 25/02/2009 à 15:11:46,50 ***
slythief5 on 25 February 2009 at 18:19
By the way, it's at 7 pm that I can get on the forum
thanks again for your help
see you
dédétraqué on 26 February 2009 at 04:26
Hi slythief5


Delete this folder: C:\rsit

Run another scan with RSIT and post the log.txt and info.txt reports (info.txt is minimized in the taskbar) at the end of the scan

The reports are in this folder: C:\rsit

@++ :)
slythief5 on 26 February 2009 at 19:08
info.txt logfile of random's system information tool 1.05 2009-02-26 19:07:13

======Uninstall list======

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS Gamer OSD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x40c -removeonly
Atheros Communications Inc.(R) L2 Fast Ethernet Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A755762-EED8-47AB-A446-505766F93D43}\Setup.exe" -l0x9 -removeonly
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
DVD Decoder Pak for Windows XP-->MsiExec.exe /X{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
FormatFactory-->MsiExec.exe /X{F3379D75-8FC0-4517-B52B-3CE6114A2866}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B22C19AE-6A67-4f28-B541-5AE72FB17A25}\setup\hpzscr01.exe -datfile hposcr15.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 5.0.11-->"D:\Documents and Settings\programs\limewire\uninstall.exe"
Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
Malwarebytes' Anti-Malware-->"D:\logiciels\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navilog1 3.7.4-->"C:\Program Files\Navilog1\unins000.exe"
Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 2.2-->MsiExec.exe /I{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C}
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x9 -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
ShaunWhiteSnowboarding-->"C:\Program Files\InstallShield Installation Information\{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}\Setup.exe" -runfromtemp -l0x040c -removeonly
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Sony Ericsson Themes Creator 3.32-->D:\corentin\jeux\Themes Creator\Uninstall.exe
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Tom Clancy's Rainbow Six Vegas-->C:\Program Files\InstallShield Installation Information\{5731C0A8-B266-451A-8D3F-8066AA21836F}\setup.exe -runfromtemp -l0x040c -removeonly
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
UltraVideo-->"C:\Program Files\UltraVideo\Uninstall.exe"
Uniblue DriverScanner 2009-->C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Worms 4 Mayhem-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45E7C481-3EF4-4FCB-AF0B-19F70D618F0C}\setup.exe" -l0x40c -removeonly

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090225-1]

System event log

Computer Name: BARR-F03AF4102A
Event Code: 7009
Message: Délai (30000 millisecondes) d'attente pour une connexion du service Kaspersky Anti-Virus.

Record Number: 5
Source Name: Service Control Manager
Time Written: 20090221091656.000000+060
Event Type: erreur
User:

Computer Name: BARR-F03AF4102A
Event Code: 1001
Message: Le service SNMP a démarré correctement.

Record Number: 4
Source Name: SNMP
Time Written: 20090221091652.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 3100
Message: Le pilote de l'édition Développeur IPv6 Microsoft a été démarré.

Record Number: 3
Source Name: Tcpip6
Time Written: 20090221091624.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 2
Source Name: EventLog
Time Written: 20090221091603.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20090221091603.000000+060
Event Type: Informations
User:

Application event log

Computer Name: BARR-F03AF4102A
Event Code: 1015
Message: Le paramètre TraceLevel ne se trouve pas dans le Registre.
La niveau de suivi utilisé par défaut est 32.

Record Number: 708
Source Name: EvntAgnt
Time Written: 20090207184816.000000+060
Event Type: Avertissement
User:

Computer Name: BARR-F03AF4102A
Event Code: 1003
Message: Le paramètre TraceFileName ne se trouve pas dans le Registre.
Le fichier de suivi utilisé par défaut est .

Record Number: 707
Source Name: EvntAgnt
Time Written: 20090207184816.000000+060
Event Type: Avertissement
User:

Computer Name: BARR-F03AF4102A
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 706
Source Name: SecurityCenter
Time Written: 20090207184805.000000+060
Event Type: Informations
User:

Computer Name: BARR-F03AF4102A
Event Code: 32068
Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : '*'
Indicatif régional : '*'

Record Number: 705
Source Name: Microsoft Fax
Time Written: 20090207184802.000000+060
Event Type: Avertissement
User:

Computer Name: BARR-F03AF4102A
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.

Record Number: 704
Source Name: Microsoft Fax
Time Written: 20090207184802.000000+060
Event Type: Avertissement
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;D:\Documents and Settings\programs\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
slythief5 on 26 February 2009 at 19:09
Logfile of random's system information tool 1.05 (written by random/random)
Run by corentin at 2009-02-26 19:08:13
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 9 GB (31%) free of 30 GB
Total RAM: 2047 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:08:14, on 26/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\corentin\Bureau\corentin\autre\RSIT.exe
C:\Program Files\trend micro\corentin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-21-507921405-1580818891-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Barré')
O4 - HKUS\S-1-5-21-507921405-1580818891-839522115-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Barré')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetecti(...)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 7965 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Maintenance en 1 clic.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-02-08 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
{A057A204-BACC-4D26-9990-79A187E2698E}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-15 13680640]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-06 17331200]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-12-22 222080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-09-13 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2009-01-15 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Documents and Settings\programs\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Barré^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]
C:\PROGRA~1\OPENOF~1.2\program\QUICKS~1.EXE [2007-02-02 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^corentin^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
C:\WINDOWS\BRICOP~1\VISTAI~1\UberIcon\UBERIC~1.EXE [2006-05-21 180224]

C:\Documents and Settings\corentin\Menu Démarrer\Programmes\Démarrage
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="C:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\corentin\jeux\ShaunWhiteSnowboardingGame.exe"="D:\corentin\jeux\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"D:\corentin\jeux\ShaunWhiteSnowboarding.exe"="D:\corentin\jeux\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Documents and Settings\corentin\Bureau\uTorrent.exe"="C:\Documents and Settings\corentin\Bureau\uTorrent.exe:*:Enabled:µTorrent"
"D:\corentin\jeux\rainbow\Binaries\R6Vegas_Game.exe"="D:\corentin\jeux\rainbow\Binaries\R6Vegas_Game.exe:*:Enabled:Rainbow Six Vegas"
"D:\corentin\jeux\rainbow\Binaries\R6Vegas_Launcher.exe"="D:\corentin\jeux\rainbow\Binaries\R6Vegas_Launcher.exe:*:Enabled:Rainbow Six Vegas Updater"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Documents and Settings\programs\opera\opera.exe"="D:\Documents and Settings\programs\opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-02-26 19:07:01 ----D---- C:\rsit
2009-02-25 13:23:48 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-02-25 13:22:26 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-02-25 13:22:26 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-02-25 13:21:59 ----D---- C:\WINDOWS\BricoPacks
2009-02-25 13:04:49 ----D---- C:\WINDOWS\system32\VIRepair
2009-02-24 20:25:14 ----D---- C:\Program Files\ViSplore
2009-02-24 20:25:14 ----D---- C:\Program Files\TrueTransparency
2009-02-24 20:25:13 ----D---- C:\Program Files\WinFlip
2009-02-24 20:25:11 ----D---- C:\Program Files\Styler
2009-02-24 20:25:10 ----D---- C:\Program Files\Vista Rainbar
2009-02-24 20:22:34 ----D---- C:\WINDOWS\system32\VITrans
2009-02-24 20:22:34 ----D---- C:\VTPFiles
2009-02-24 20:22:34 ----A---- C:\WINDOWS\system32\Uharc.exe
2009-02-24 20:22:34 ----A---- C:\WINDOWS\system32\reico.exe
2009-02-24 20:22:34 ----A---- C:\WINDOWS\system32\modifype.exe
2009-02-24 20:22:33 ----A---- C:\WINDOWS\system32\pskill.exe
2009-02-24 20:22:33 ----A---- C:\WINDOWS\system32\moveex.exe
2009-02-24 20:21:50 ----A---- C:\WINDOWS\system32\scrnrdr.exe
2009-02-24 19:07:00 ----D---- C:\Documents and Settings\corentin\Application Data\Malwarebytes
2009-02-24 19:06:54 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-02-23 20:21:32 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Software4u
2009-02-23 20:21:13 ----D---- C:\Documents and Settings\corentin\Application Data\Software4u
2009-02-23 20:09:06 ----SHD---- C:\RECYCLER
2009-02-23 19:37:06 ----D---- C:\ComboFix
2009-02-22 19:42:05 ----RASHD---- C:\cmdcons
2009-02-22 19:14:38 ----A---- C:\WINDOWS\zip.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\VFIND.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\SWSC.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\SWREG.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\sed.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\grep.exe
2009-02-22 19:14:38 ----A---- C:\WINDOWS\fdsv.exe
2009-02-22 19:14:33 ----D---- C:\WINDOWS\ERDNT
2009-02-22 19:14:33 ----D---- C:\Qoobox
2009-02-22 18:42:17 ----D---- C:\Program Files\trend micro
2009-02-22 18:14:36 ----D---- C:\ToolBar SD
2009-02-22 18:07:46 ----D---- C:\Program Files\Navilog1
2009-02-21 11:29:12 ----D---- C:\Program Files\Fichiers communs\Softwin
2009-02-20 21:14:34 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-20 21:14:32 ----D---- C:\Program Files\Alwil Software
2009-02-20 20:56:58 ----D---- C:\Program Files\UltraVideo
2009-02-20 20:44:19 ----A---- C:\WINDOWS\system32\MSVBVM60.DLL
2009-02-20 20:44:06 ----A---- C:\WINDOWS\MSVBVM60.DLL
2009-02-20 20:43:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2009-02-20 20:21:11 ----D---- C:\WINDOWS\Minidump
2009-02-20 10:34:59 ----D---- C:\Program Files\Electronic Arts
2009-02-20 10:34:29 ----D---- C:\Documents and Settings\corentin\Application Data\Leadertech
2009-02-19 16:19:48 ----D---- C:\Documents and Settings\corentin\Application Data\SystemRequirementsLab
2009-02-15 15:00:59 ----D---- C:\Documents and Settings\corentin\Application Data\skypePM
2009-02-15 14:59:33 ----D---- C:\Documents and Settings\corentin\Application Data\Skype
2009-02-15 14:59:28 ----D---- C:\Program Files\Fichiers communs\Skype
2009-02-15 14:59:26 ----RD---- C:\Program Files\Skype
2009-02-14 16:56:44 ----D---- C:\Program Files\Microsoft
2009-02-14 16:56:23 ----D---- C:\Program Files\Windows Live SkyDrive
2009-02-14 15:09:47 ----D---- C:\WINDOWS\SoftwareProtection
2009-02-13 20:00:11 ----D---- C:\Program Files\OpenAL
2009-02-13 20:00:11 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-02-13 20:00:11 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2009-02-13 19:28:02 ----A---- C:\WINDOWS\game.ini
2009-02-13 19:09:05 ----D---- C:\Documents and Settings\corentin\Application Data\HP
2009-02-12 14:36:52 ----D---- C:\Documents and Settings\corentin\Application Data\vlc
2009-02-12 14:32:55 ----D---- C:\Documents and Settings\corentin\Application Data\Apple Computer
2009-02-12 14:31:09 ----D---- C:\Program Files\Apple Software Update
2009-02-12 14:31:09 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2009-02-12 11:25:24 ----A---- C:\WINDOWS\system32\Install7x.dll
2009-02-12 11:25:24 ----A---- C:\WINDOWS\system32\AegisI5.exe
2009-02-11 15:11:34 ----D---- C:\Documents and Settings\corentin\Application Data\WinRAR
2009-02-11 12:45:06 ----D---- C:\Documents and Settings\corentin\Application Data\Nero
2009-02-11 12:44:45 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2009-02-11 12:43:18 ----D---- C:\Program Files\Nero
2009-02-11 12:43:18 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2009-02-11 11:10:29 ----D---- C:\Documents and Settings\corentin\Application Data\Opera
2009-02-10 22:33:49 ----A---- C:\WINDOWS\system32\TUKernel.exe
2009-02-10 22:20:31 ----HD---- C:\WINDOWS\Icons
2009-02-10 21:34:28 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-10 18:17:54 ----D---- C:\Documents and Settings\corentin\Application Data\InstallShield
2009-02-10 16:14:09 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-02-10 16:14:07 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-02-10 16:14:05 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-02-10 16:10:26 ----D---- C:\Documents and Settings\corentin\Application Data\TuneUp Software
2009-02-10 16:10:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-02-10 16:09:41 ----SHD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-10 16:09:29 ----D---- C:\Documents and Settings\corentin\Application Data\Todae
2009-02-10 16:07:43 ----D---- C:\Program Files\WinRAR
2009-02-10 16:04:22 ----D---- C:\Program Files\Intel Desktop Board
2009-02-10 10:34:57 ----D---- C:\Documents and Settings\corentin\Application Data\OpenOffice.org2
2009-02-10 10:32:54 ----D---- C:\Program Files\OpenOffice.org 2.2
2009-02-09 19:42:00 ----D---- C:\Documents and Settings\corentin\Application Data\Micro Application
2009-02-09 19:41:51 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2009-02-09 19:27:19 ----D---- C:\Program Files\HyCam2
2009-02-09 18:55:52 ----D---- C:\Documents and Settings\corentin\Application Data\OpenOffice.org
2009-02-09 18:54:54 ----D---- C:\Documents and Settings\corentin\Application Data\uTorrent
2009-02-09 18:50:51 ----D---- C:\Program Files\Far Cry (c) UBI Soft
2009-02-09 15:52:54 ----D---- C:\Documents and Settings\corentin\Application Data\Media Player Classic
2009-02-08 21:20:49 ----D---- C:\Program Files\MSXML 4.0
2009-02-08 18:56:45 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-02-08 18:56:33 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-02-08 18:56:33 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-02-08 18:56:30 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-02-08 18:46:45 ----D---- C:\Documents and Settings\corentin\Application Data\LimeWire
2009-02-08 18:45:14 ----D---- C:\Program Files\Real
2009-02-08 18:41:47 ----D---- C:\Documents and Settings\corentin\Application Data\Real
2009-02-08 17:49:12 ----D---- C:\Program Files\FormatFactory
2009-02-08 16:18:31 ----RHD---- C:\Documents and Settings\corentin\Application Data\SecuROM
2009-02-08 15:56:31 ----D---- C:\Documents and Settings\corentin\Application Data\Sun
2009-02-08 12:54:13 ----D---- C:\Program Files\GameSpy Arcade
2009-02-08 12:31:51 ----D---- C:\Documents and Settings\corentin\Application Data\Yahoo!
2009-02-08 12:31:49 ----D---- C:\Documents and Settings\corentin\Application Data\HPAppData
2009-02-08 12:29:08 ----D---- C:\Documents and Settings\corentin\Application Data\Macromedia
2009-02-08 12:29:07 ----D---- C:\Documents and Settings\corentin\Application Data\Adobe
2009-02-08 12:03:17 ----D---- C:\Documents and Settings\corentin\Application Data\Mozilla
2009-02-08 11:55:29 ----D---- C:\Documents and Settings\corentin\Application Data\Identities
2009-02-08 11:55:17 ----SD---- C:\Documents and Settings\corentin\Application Data\Microsoft
2009-02-08 11:55:17 ----ASH---- C:\Documents and Settings\corentin\Application Data\desktop.ini
2009-02-08 10:41:51 ----D---- C:\Program Files\LimeWire
2009-02-08 10:34:33 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2009-02-08 10:31:06 ----A---- C:\WINDOWS\system32\muweb.dll
2009-02-08 10:31:06 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-02-08 10:31:06 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-02-08 09:23:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-02-08 09:22:05 ----D---- C:\Program Files\NOS
2009-02-08 09:22:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
2009-02-07 23:26:18 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-02-07 23:26:18 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-02-07 23:26:18 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-02-07 23:26:17 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-02-07 23:26:17 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-02-07 23:26:17 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-02-07 23:25:27 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield
2009-02-07 23:25:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ubisoft
2009-02-07 23:02:55 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-02-07 22:58:31 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-02-07 22:58:31 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-02-07 22:58:31 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-02-07 22:58:30 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-02-07 22:58:30 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-02-07 22:58:29 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-02-07 22:58:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-02-07 22:58:29 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-02-07 22:58:28 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-02-07 22:58:28 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-02-07 22:58:27 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-02-07 22:58:27 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-02-07 22:58:27 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-02-07 22:58:26 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-02-07 22:58:25 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-02-07 22:58:25 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-02-07 22:58:25 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-02-07 22:58:23 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-02-07 22:58:23 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-02-07 22:58:23 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-02-07 22:58:22 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-02-07 22:58:20 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-02-07 22:58:20 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-02-07 22:58:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-02-07 22:58:19 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-02-07 22:58:18 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-02-07 22:58:18 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-02-07 22:58:17 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-02-07 22:58:10 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-02-07 22:58:10 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-02-07 22:58:05 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-02-07 22:58:05 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-02-07 22:58:04 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-02-07 22:58:04 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-02-07 22:58:03 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-02-07 22:58:03 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-02-07 22:58:03 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-02-07 22:52:12 ----D---- C:\Program Files\Ubisoft
2009-02-07 22:41:21 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-02-07 22:40:52 ----D---- C:\Program Files\Windows Media Connect 2
2009-02-07 22:38:26 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG
2009-02-07 22:36:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\HPSSUPPLY
2009-02-07 22:34:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP Product Assistant
2009-02-07 22:34:55 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
2009-02-07 22:31:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
2009-02-07 22:31:26 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2009-02-07 22:31:04 ----A---- C:\WINDOWS\system32\hpz3l5ha.dll
2009-02-07 22:29:51 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2009-02-07 22:29:51 ----RA---- C:\WINDOWS\system32\difxapi.dll
2009-02-07 22:29:50 ----RA---- C:\WINDOWS\system32\hpowiax4.dll
2009-02-07 22:29:50 ----RA---- C:\WINDOWS\system32\hpovst11.dll
2009-02-07 22:29:50 ----RA---- C:\WINDOWS\system32\hpotiop4.dll
2009-02-07 22:27:48 ----D---- C:\Program Files\HP
2009-02-07 22:12:07 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-02-07 22:11:31 ----D---- C:\Program Files\My Company Name
2009-02-07 21:46:44 ----D---- C:\Program Files\PowerQuest
2009-02-07 21:23:34 ----D---- C:\Program Files\uTorrent
2009-02-07 21:05:11 ----A---- C:\WINDOWS\system32\javaws.exe
2009-02-07 21:05:11 ----A---- C:\WINDOWS\system32\javaw.exe
2009-02-07 21:05:11 ----A---- C:\WINDOWS\system32\java.exe
2009-02-07 21:04:43 ----D---- C:\Program Files\Java
2009-02-07 20:59:18 ----D---- C:\Program Files\Fichiers communs\SWF Studio
2009-02-07 20:57:31 ----D---- C:\Downloads
2009-02-07 20:27:03 ----D---- C:\Program Files\Windows Live
2009-02-07 20:26:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2009-02-07 20:22:03 ----D---- C:\Program Files\Mozilla Firefox
2009-02-07 20:12:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2009-02-07 20:12:05 ----D---- C:\Program Files\CCleaner
2009-02-07 17:58:30 ----HD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-02-07 17:58:16 ----D---- C:\Program Files\Adobe
2009-02-07 17:58:03 ----D---- C:\Program Files\Messenger
2009-02-07 17:57:30 ----D---- C:\Program Files\ASUS
2009-02-07 17:57:19 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-02-07 17:57:19 ----D---- C:\Program Files\Alcohol Soft
2009-02-07 17:56:54 ----D---- C:\Program Files\Fichiers communs\France Telecom
2009-02-07 17:56:49 ----D---- C:\Program Files\SystemRequirementsLab
2009-02-07 17:56:09 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-02-07 17:56:06 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2009-02-07 17:56:04 ----D---- C:\Program Files\Fichiers communs\Services
2009-02-07 17:56:01 ----D---- C:\Program Files\Fichiers communs\HP
2009-02-07 17:55:59 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-02-07 17:55:54 ----D---- C:\Program Files\Fichiers communs\Java
2009-02-07 17:55:50 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-02-07 17:55:49 ----D---- C:\Program Files\Fichiers communs\Real
2009-02-07 17:55:43 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-02-07 17:55:40 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-02-07 17:55:22 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-02-07 17:55:18 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-02-07 17:54:13 ----D---- C:\Program Files\Fichiers communs\Nero
2009-02-07 16:53:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}(2)
2009-02-06 18:52:40 ----A---- C:\WINDOWS\system32\sirenacm.dll
2009-02-06 11:29:40 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-02-06 10:10:50 ----D---- C:\WINDOWS\Prefetch
2009-02-06 09:59:39 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-06 09:49:24 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-02-06 09:47:12 ----D---- C:\WINDOWS\NV21682172.TMP
2009-02-06 09:43:26 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
2009-02-06 09:42:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-06 09:41:11 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ma-config.com
2009-02-06 09:40:59 ----A---- C:\WINDOWS\system32\wpa.bak
2009-02-06 09:25:02 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-02-06 09:25:01 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-02-06 09:25:01 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-02-06 09:25:01 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-02-06 09:25:00 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-02-06 09:24:59 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-02-06 09:24:58 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-02-06 09:24:56 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-02-06 09:24:56 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-02-06 09:24:55 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-02-06 09:24:54 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-02-06 09:24:51 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\ATKOSDMini.DLL
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\atkid.ini
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\ATKDispCPL.dll
2009-02-06 09:24:37 ----A---- C:\WINDOWS\system32\ATKDISP.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\DPInst.exe
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\devcon.exe
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\ATKOSDX32.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\ATKOGL32.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asrussian.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\askorean.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asjapan.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asgerman.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\asfrench.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\aseng.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\ASCHT.dll
2009-02-06 09:24:36 ----A---- C:\WINDOWS\system32\aschs.dll
2009-02-06 09:24:10 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-02-06 09:23:27 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-02-05 18:41:35 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-02-05 18:41:06 ----D---- C:\Intel
2009-02-04 19:57:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\DriverScanner
2009-02-04 16:17:13 ----A---- C:\WINDOWS\system32\Install6x.dll
2009-02-01 01:52:46 ----SHD---- C:\$RECYCLE.BIN
2009-02-01 01:39:50 ----SH---- C:\Boot.bak
2009-01-31 19:03:04 ----A---- C:\WINDOWS\system32\XceedZip.dll
2009-01-31 16:30:44 ----RASH---- C:\BOOTSECT.BAK
2009-01-31 16:30:39 ----SHD---- C:\Boot
2009-01-31 10:53:18 ----A---- C:\WINDOWS\yesmessenger.ini
2009-01-31 10:53:18 ----A---- C:\WINDOWS\wininit.ini
2009-01-31 10:53:16 ----A---- C:\WINDOWS\unvise32.exe
2009-01-31 10:53:15 ----RA---- C:\WINDOWS\Twunk_32.dll
2009-01-31 10:53:15 ----RA---- C:\WINDOWS\Twunk_16.dll
2009-01-31 10:53:15 ----A---- C:\WINDOWS\unin040c.exe
2009-01-31 10:53:13 ----RA---- C:\WINDOWS\SET25.tmp
2009-01-31 10:53:13 ----A---- C:\WINDOWS\ST5UNST.EXE
2009-01-31 10:53:13 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-01-31 10:53:13 ----A---- C:\WINDOWS\slrundll.exe
2009-01-31 10:53:13 ----A---- C:\WINDOWS\SkyTel.exe
2009-01-31 10:53:12 ----A---- C:\WINDOWS\RtlUpd.exe
2009-01-31 10:53:12 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-01-31 10:53:11 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-01-31 10:53:11 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-01-31 10:53:10 ----A---- C:\WINDOWS\R5ClkLib.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\OneTouchVga.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\nvgpio.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\nVGA_i2c.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\nvapi9x.dll
2009-01-31 10:53:09 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-31 10:53:08 ----A---- C:\WINDOWS\MicCal.exe
2009-01-31 10:53:08 ----A---- C:\WINDOWS\kit.ini
2009-01-31 10:53:08 ----A---- C:\WINDOWS\IsUn040c.exe
2009-01-31 10:53:08 ----A---- C:\WINDOWS\i2c_i.dll
2009-01-31 10:53:08 ----A---- C:\WINDOWS\i2c.dll
2009-01-31 10:53:08 ----A---- C:\WINDOWS\HyperDrive.exe
2009-01-31 10:53:07 ----A---- C:\WINDOWS\EIO.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ATKKBService.exe
2009-01-31 10:53:04 ----A---- C:\WINDOWS\atistclk.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\atipdlxx.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\aticlocklib.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ASUSRC.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ASMT_CE.dll
2009-01-31 10:53:04 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-01-31 10:53:04 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-01-31 10:53:04 ----A---- C:\WINDOWS\002529_.tmp
2009-01-30 20:41:51 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-30 20:35:56 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-30 20:35:56 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-30 20:27:49 ----D---- C:\WINDOWS\dell
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMVCore.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmstream.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMSPDMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpui.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpshell.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmploc.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpcore.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpcd.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmpasf.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmp.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmidx.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmerror.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmdmps.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\wmasf.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMADMOE.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\winshfhc.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\strmdll.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\shmedia.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\mswmdm.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\msscp.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\mspmsp.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\msnetobj.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2009-01-30 20:25:20 ----A---- C:\WINDOWS\system32\blastcln.exe
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\logagent.exe
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\dxmasf.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\drmstor.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\drmclien.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\cewmdm.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\blackbox.dll
2009-01-30 20:25:19 ----A---- C:\WINDOWS\system32\asferror.dll
2009-01-30 20:25:13 ----A---- C:\WINDOWS\system32\osuninst.exe
2009-01-30 20:25:12 ----A---- C:\WINDOWS\vmmreg32.dll
2009-01-30 20:25:12 ----A---- C:\WINDOWS\system32\vga64k.dll
2009-01-30 20:25:12 ----A---- C:\WINDOWS\system32\vga256.dll
2009-01-30 20:25:12 ----A---- C:\WINDOWS\system32\tourstart.exe
2009-01-30 20:25:11 ----A---- C:\WINDOWS\system32\spnpinst.exe
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\pentnt.exe
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odtext32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odpdx32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odfox32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\odexl32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\oddbse32.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\msxbde40.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\msvcrt20.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\mstext40.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\msrepl40.dll
2009-01-30 20:25:07 ----A---- C:\WINDOWS\system32\msr2cenu.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\msrecr40.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\msrclr40.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\msr2c.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\mspbde40.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\msltus40.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\msexcl40.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\msexch40.dll
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\migpwd.exe
2009-01-30 20:25:06 ----A---- C:\WINDOWS\system32\lnkstub.exe
2009-01-30 20:25:05 ----A---- C:\WINDOWS\system32\krnl386.exe
2009-01-30 20:25:05 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2009-01-30 20:25:05 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2009-01-30 20:25:05 ----A---- C:\WINDOWS\system32\ir50_32.dll
2009-01-30 20:25:05 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2009-01-30 20:25:05 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2009-01-30 20:25:04 ----A---- C:\WINDOWS\system32\d3dramp.dll
2009-01-30 20:25:04 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\wshfr.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\wmerrFRA.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\vbsfr.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\scrrnfr.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\scofr.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\mfc42loc.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\mfc40loc.dll
2009-01-30 20:25:03 ----A---- C:\WINDOWS\system32\jsfr.dll
2009-01-30 20:25:01 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2009-01-30 20:25:01 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2009-01-30 20:25:01 ----A---- C:\WINDOWS\system32\xpob2res.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdycc.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbduzb.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdtuq.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdtuf.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdtat.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdru1.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdru.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-01-30 20:25:00 ----A---- C:\WINDOWS\system32\edit.com
2009-01-30 20:24:57 ----A---- C:\WINDOWS\system32\msutb.dll
2009-01-30 20:24:57 ----A---- C:\WINDOWS\system32\mslbui.dll
2009-01-30 20:24:57 ----A---- C:\WINDOWS\system32\msimtf.dll
2009-01-30 20:24:57 ----A---- C:\WINDOWS\system32\msctfp.dll
2009-01-30 20:24:57 ----A---- C:\WINDOWS\system32\msctf.dll
2009-01-30 20:24:57 ----A---- C:\WINDOWS\system32\ctfmon.exe
2009-01-30 20:24:56 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2009-01-30 20:24:56 ----A---- C:\WINDOWS\system32\kbdinben.dll
2009-01-30 20:24:56 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2009-01-30 20:24:50 ----A---- C:\WINDOWS\system32\zipfldr.dll
2009-01-30 20:24:49 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2009-01-30 20:24:49 ----A---- C:\WINDOWS\system32\xmlprov.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\xenroll.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\xcopy.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\xactsrv.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wstdecod.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wsock32.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wshrm.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wshnetbs.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wshisn.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wship6.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wshext.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wshcon.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wshatm.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wsecedit.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wscsvc.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wscript.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wscntfy.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\ws2help.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\ws2_32.dll
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wpabaln.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wowexec.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wowdeb.exe
2009-01-30 20:24:48 ----A---- C:\WINDOWS\system32\wow32.dll
2009-01-30 20:24:47 ----A---- C:\WINDOWS\system32\wmiscmgr.dll
2009-01-30 20:24:47 ----A---- C:\WINDOWS\system32\wmiprop.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\wmi.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\wlnotify.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\wldap32.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winver.exe
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\wintrust.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winstrm.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winsta.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winsrv.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winspool.exe
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winsock.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winscard.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\winrnr.dll
2009-01-30 20:24:46 ----A---- C:\WINDOWS\system32\WINNTBBU.DLL
dédétraqué on 26 February 2009 at 22:59
Hi slythief5


Download SDFix by AndyManchesta to the desktop:

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe


Double-click SDFix.exe on the desktop and click Install, choose the desktop for the installation, and a folder will be created on the desktop.


Restart your PC in Safe Mode:

As your PC restarts, tap the F8 or F5 key; on the next screen, move with the arrow keys and choose Safe Mode. Choose your usual session, not the Administrator session.


Open the SDFix folder on the desktop and double-click RunThis.bat, then press Y to start the cleanup.

There will be a restart; when Finished is displayed, press any key to finish.

Post the report found in the SDFix folder under the name Report.txt in your next reply.


@++ :)
slythief5 on 27 February 2009 at 18:28
Hi, OK for your advice, but I have two sessions, my parents' one and mine, which is the most used and where I did what you told me to do before
slythief5 on 27 February 2009 at 19:56
so which session do I do it on
dédétraqué on 27 February 2009 at 23:08
Hi slythief5


Do it on your session :super:


@++ :)
slythief5 on 28 February 2009 at 16:48
uh, sorry, I made a mistake, I'm sending you the report
slythief5 on 28 February 2009 at 16:48
SDFix: Version 1.240
Run by corentin on 28/02/2009 at 16:33

Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\corentin\Bureau\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-28 16:39:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:d2,a7,6a,95,71,29,eb,a7,0f,3c,2b,ee,99,e1,29,a5,98,04,c4,13,c3,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:77,cc,b7,b1,b9,58,fd,91,1c,94,4e,5d,ef,ab,2d,78,b0,60,26,a7,18,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:77,cc,b7,b1,b9,58,fd,91,1c,94,4e,5d,ef,ab,2d,78,b0,60,26,a7,18,..
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"="C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe:*:Enabled:Far Cry 2"
"C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"="C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"="C:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe:*:Enabled:Editeur"
"D:\\corentin\\jeux\\ShaunWhiteSnowboardingGame.exe"="D:\\corentin\\jeux\\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"D:\\corentin\\jeux\\ShaunWhiteSnowboarding.exe"="D:\\corentin\\jeux\\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\\Documents and Settings\\corentin\\Bureau\\uTorrent.exe"="C:\\Documents and Settings\\corentin\\Bureau\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"D:\\Documents and Settings\\programs\\opera\\opera.exe"="D:\\Documents and Settings\\programs\\opera\\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

Remaining Files :



Files with Hidden Attributes :

Tue 10 Feb 2009 370 ..SH. --- "C:\Boot.bak"
Sun 1 Feb 2009 8,192 A.SHR --- "C:\BOOTSECT.BAK"
Tue 10 Feb 2009 2,516 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Sun 14 Sep 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 14 Sep 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 7 Feb 2009 0 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\Cache\Indiv01.tmp"
Sat 7 Feb 2009 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\326d1a08fc685e3efad9e9a5b059ebfb\BIT4B.tmp"
Sat 7 Feb 2009 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5b6da8fb69b176ee583a3734e2af76e6\BIT4C.tmp"
Mon 26 Jan 2009 4,842 ...HR --- "C:\Documents and Settings\BARRE\Application Data\SecuROM\UserData\securom_v7_01.bak"
Sat 7 Feb 2009 444 ...HR --- "C:\Documents and Settings\Barr‚\Application Data\SecuROM\UserData\securom_v7_01.bak"
Fri 27 Feb 2009 2,865 ...HR --- "C:\Documents and Settings\corentin\Application Data\SecuROM\UserData\securom_v7_01.bak"

Finished!
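
Added example, not part of the original thread and not SDFix code: one way to triage the "Authorized Application Key Export" section of a report like the one above. It parses the Windows XP firewall exception entries (`path:scope:status:name`) and lists enabled exceptions whose executable sits outside the Windows and Program Files directories; the sample entries, the `C:\WINDOWS` install path and the function names are assumptions made for the example.

```python
import re
from typing import NamedTuple

# Constructed sample in the format of the report's "Authorized Application
# Key Export" section; paths and program names are made up for illustration.
SAMPLE_EXPORT = r'''
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ExampleChat\\chat.exe"="C:\\Program Files\\ExampleChat\\chat.exe:LocalSubNet:Enabled:Example Chat"
"C:\\Documents and Settings\\user\\Bureau\\tool.exe"="C:\\Documents and Settings\\user\\Bureau\\tool.exe:*:Enabled:Tool: beta"
"D:\\games\\old.exe"="D:\\games\\old.exe:*:Disabled:Old game"
'''

# Assumption: Windows is installed in C:\WINDOWS, as on the machine in the thread.
TRUSTED_ROOTS = ("%windir%\\", "c:\\windows\\", "c:\\program files\\")

HEADER_RE = re.compile(r"firewallpolicy\\(\w+)\\authorizedapplications\\list\]$", re.I)
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


class Entry(NamedTuple):
    profile: str   # standardprofile or domainprofile
    path: str      # executable the exception applies to
    scope: str     # "*" means any remote address
    status: str    # Enabled / Disabled
    name: str      # display name shown in the firewall UI


def _unescape(s):
    # Undo .reg-style escaping: a backslash followed by any character
    # stands for that character.
    return re.sub(r"\\(.)", r"\1", s)


def parse_export(text):
    """Return one Entry per well-formed exception line, tagged with its profile."""
    entries, profile = [], None
    for line in text.splitlines():
        line = line.strip()
        header = HEADER_RE.search(line)
        if line.startswith("[") and header:
            profile = header.group(1).lower()
            continue
        m = VALUE_RE.match(line)
        if not m or profile is None:
            continue
        path, data = _unescape(m.group(1)), _unescape(m.group(2))
        # The data repeats the path, so strip it as a prefix instead of
        # splitting on ":" (the drive letter and the name may contain colons).
        if not data.lower().startswith(path.lower() + ":"):
            continue
        parts = data[len(path) + 1:].split(":", 2)
        if len(parts) == 3:
            entries.append(Entry(profile, path, *parts))
    return entries


def triage(entries):
    """Heuristic: enabled exceptions for binaries outside the trusted roots."""
    findings = []
    for e in entries:
        if e.status.lower() != "enabled":
            continue
        if e.path.lower().startswith(TRUSTED_ROOTS):
            continue
        reach = "any address" if e.scope == "*" else e.scope
        findings.append((e, "open to %s, binary outside Windows/Program Files" % reach))
    return findings


if __name__ == "__main__":
    for entry, reason in triage(parse_export(SAMPLE_EXPORT)):
        print("[%s] %s (%s): %s" % (entry.profile, entry.path, entry.name, reason))
```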

dédétraqué on 28 February 2009 at 17:02
Hi slythief5


Post the log.txt report again, the other one is not complete

The report is in this folder: C:\rsit

Use cjoint.com to post your report as a link:
http://cjoint.com/

- Click Parcourir (Browse) to go and find the report
- Click Ouvrir (Open), then Créer le lien Cjoint (Create the Cjoint link)

- Copy and paste the link shown after "Le lien a été créé:" (The link has been created:) into your next reply.


@++ :)
dédétraqué on 28 February 2009 at 18:24
Hi slythief5


Download OTMoveIt3 (by Old_Timer) to the desktop:

http://oldtimer.geekstogo.com/OTMoveIt3.exe

Double-click OTMoveIt3.exe on the desktop

- Make sure the Unregister Dll's and Ocx's box is checked

- Copy the text in the quote and paste it into the left-hand pane of OTMoveIt named Paste List of Files/Folders to be moved

:processes
explorer.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A057A204-BACC-4D26-9990-79A187E2698E}]

:files
C:\WINDOWS\NV21682172.TMP
C:\WINDOWS\SET25.tmp
C:\WINDOWS\002529_.tmp
C:\WINDOWS\SET8.tmp
C:\WINDOWS\SET4.tmp
C:\WINDOWS\SET3.tmp
C:\WINDOWS\NV24162424.TMP
C:\WINDOWS\NV10283264.TMP

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]


- Click MoveIt! to start the removal.
- Close OTMoveIt3

Your PC will restart to finish the removal

Post the OTMoveIt report, which is in C:\_OTMoveIt\MovedFiles.


@++ :)
slythief5 on 28 February 2009 at 19:33
OK, but I have several folders in C:\_OTMoveIt\MovedFiles. so I think it's this one: http://cjoint.com/?dctGYMnwLR
dédétraqué on 28 February 2009 at 19:50
Hi slythief5


OK, that's good, we'll check that nothing is hidden:

Run an online scan here:
http://webscanner.kaspersky.fr/ (to be done with Internet Explorer)

[:blue_fire:9] Disable your antivirus before the online scan
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm

  • On the scan page, at the bottom right, click Démarrer Online-scanner (Start Online-scanner) and, in the new window that appears, click J'accepte (I accept)
  • Accept the ActiveX controls
  • Choose Poste de travail (My Computer) for the scan. When it has finished, click Enregistrer rapport sous (Save report as) and choose text file
  • Post the contents of the report


  • Help on using the online scan:
    http://forum.pcastuces.com/kaspersky_online_scanner___tutoriel-f31s10.htm

    P.S.: If you have a problem installing the ActiveX control, read this:
    http://www.inoculer.com/activex.php3

    NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée" (the Kaspersky On-line Scanner licence has expired),
    uninstall Kaspersky Online Scanner via Add/Remove Programs and install it again.


@++ :)
dédétraqué on 01 March 2009 at 14:18
Hi slythief5


- Delete C:\_OTMoveIt <== this folder
- Empty the recycle bin

-----

Double-click OTMoveIt3.exe on the desktop

- Make sure the Unregister Dll's and Ocx's box is checked

- Copy the text in the quote and paste it into the left-hand pane of OTMoveIt named Paste List of Files/Folders to be moved

:processes
explorer.exe

:files
C:\Documents and Settings\BARRE\Bureau\corentin\Kaspersky.rar
C:\Documents and Settings\BARRE\Local Settings\Temp\1028145104.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\1317934340.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\1334395104.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\1505746840.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\155223576.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\1682988854.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\2026350030.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\2154965590.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\2210201766.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\3022967044.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\321161076.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\3388177808.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\365848576.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\505169062.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\597669062.exe
C:\Documents and Settings\BARRE\Local Settings\Temp\665950312.exe
C:\Program Files\Alwil Software\Avast4\DATA\moved\S-0-5-10-100012865-100019757-100004164-2375.com.vir
C:\Qoobox

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]


- Click MoveIt! to start the removal.
- Close OTMoveIt3

Your PC will restart to finish the removal

Post the OTMoveIt report, which is in C:\_OTMoveIt\MovedFiles.


@++ :)
slythief5 on 01 March 2009 at 19:18
OK
thanks, but tell me whether I need to disable my antivirus, because when I clicked MoveIt avast detected lots of viruses, so tell me whether I should disable it beforehand